85 files changed, 1748 insertions, 1707 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index 3dd18d857..30eda2532 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -997,10 +997,19 @@ static void printFlow(u_int16_t id, struct ndpi_flow_info *flow, u_int16_t threa
 if(flow->info[0] != '\0') fprintf(out, "[%s]", flow->info);
-#if 0
- if(flow->entropy.pktlen_c_to_s || flow->entropy.pktlen_s_to_c)
- fprintf(out, "[pktlen entropy: %.2f / %.2f]", flow->entropy.pktlen_c_to_s, flow->entropy.pktlen_s_to_c);
-#endif
+ if(flow->pktlen_c_to_s && flow->pktlen_s_to_c) {
+ fprintf(out, "[pktlen c2s avg(stddev)/entropy: %.1f(%.1f)/%.1f]",
+ ndpi_data_entropy(flow->pktlen_c_to_s),
+ ndpi_data_average(flow->pktlen_c_to_s),
+ ndpi_data_stddev(flow->pktlen_c_to_s));
+
+ fprintf(out, "[pktlen s2c avg(stddev)/entropy: %.1f(%.1f)/%.1f]",
+ ndpi_data_entropy(flow->pktlen_s_to_c),
+ ndpi_data_average(flow->pktlen_s_to_c),
+ ndpi_data_stddev(flow->pktlen_s_to_c));
+ }
+
+ fprintf(out, "[bytes ratio: %.2f]", ndpi_data_ratio(flow->src2dst_bytes, flow->dst2src_bytes));
 if(flow->ssh_tls.ssl_version != 0) fprintf(out, "[%s]", ndpi_ssl_version2str(flow->ssh_tls.ssl_version));
 if(flow->ssh_tls.client_info[0] != '\0') fprintf(out, "[client: %s]", flow->ssh_tls.client_info);
diff --git a/example/reader_util.c b/example/reader_util.c
index 854471e63..9db5ccb82 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -399,11 +399,11 @@ void ndpi_flow_info_freer(void *node) {
 ndpi_free_flow_info_half(flow);
- if(flow->bytes_c_to_s)
- ndpi_free_data_analysis(flow->bytes_c_to_s);
+ if(flow->pktlen_c_to_s)
+ ndpi_free_data_analysis(flow->pktlen_c_to_s);
- if(flow->bytes_s_to_c)
- ndpi_free_data_analysis(flow->bytes_s_to_c);
+ if(flow->pktlen_s_to_c)
+ ndpi_free_data_analysis(flow->pktlen_s_to_c);
 ndpi_free(flow);
 }
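Review bot: In printFlow (example/ndpiReader.c) the two new pktlen `fprintf` calls label their output `avg(stddev)/entropy` but pass the values as entropy, average, stddev, so every field is printed under the wrong name. The regenerated expected output in this commit shows it: a direction with 260 pkts/15070 bytes prints `5.0(58.0)/44.0`, and 58.0 is the mean packet length. Reorder the arguments to `ndpi_data_average(...), ndpi_data_stddev(...), ndpi_data_entropy(...)` in both calls, or change the label to match; anyone thresholding on these per-flow features will otherwise read entropy as the average. printFlow's body starts and ends outside the hunk.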
@@ -703,8 +703,8 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow
 newflow->src_ip = iph->saddr, newflow->dst_ip = iph->daddr;
 newflow->src_port = htons(*sport), newflow->dst_port = htons(*dport);
 newflow->ip_version = version;
- newflow->bytes_c_to_s = ndpi_init_data_analysis(DATA_ANALUYSIS_SLIDING_WINDOW),
- newflow->bytes_s_to_c = ndpi_init_data_analysis(DATA_ANALUYSIS_SLIDING_WINDOW);
+ newflow->pktlen_c_to_s = ndpi_init_data_analysis(DATA_ANALUYSIS_SLIDING_WINDOW),
+ newflow->pktlen_s_to_c = ndpi_init_data_analysis(DATA_ANALUYSIS_SLIDING_WINDOW);
 if(version == IPVERSION) {
 inet_ntop(AF_INET, &newflow->src_ip, newflow->src_name, sizeof(newflow->src_name));
@@ -842,7 +842,6 @@ static struct ndpi_flow_info *get_ndpi_flow_info6(struct ndpi_workflow * workflo
 /* ****************************************************** */
 void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_flow_info *flow) {
-
 if(enable_joy_stats) {
 /* Update SPLT scores. */
@@ -870,10 +869,6 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
 snprintf(flow->host_server_name, sizeof(flow->host_server_name), "%s", flow->ndpi_flow->host_server_name);
- if(flow->bytes_c_to_s) flow->entropy.pktlen_c_to_s = ndpi_entropy(flow->bytes_c_to_s);
-
- if(flow->bytes_s_to_c) flow->entropy.pktlen_s_to_c = ndpi_entropy(flow->bytes_s_to_c);
-
 if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_DHCP) {
 snprintf(flow->dhcp_fingerprint, sizeof(flow->dhcp_fingerprint), "%s", flow->ndpi_flow->protos.dhcp.fingerprint);
 } else if(flow->detected_protocol.app_protocol == NDPI_PROTOCOL_BITTORRENT) {
@@ -994,11 +989,11 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
 if(src_to_dst_direction) {
 flow->src2dst_packets++, flow->src2dst_bytes += rawsize;
 flow->src2dst_l4_bytes += payload_len;
- if(flow->bytes_c_to_s) ndpi_data_add_value(flow->bytes_c_to_s, rawsize);
+ if(flow->pktlen_c_to_s) ndpi_data_add_value(flow->pktlen_c_to_s, rawsize);
 } else {
 flow->dst2src_packets++, flow->dst2src_bytes += rawsize;
 flow->dst2src_l4_bytes += payload_len;
- if(flow->bytes_s_to_c) ndpi_data_add_value(flow->bytes_s_to_c, rawsize);
+ if(flow->pktlen_s_to_c) ndpi_data_add_value(flow->pktlen_s_to_c, rawsize);
 }
 if(enable_payload_analyzer && (payload_len > 0))
diff --git a/example/reader_util.h b/example/reader_util.h
index ce06959c5..1ca498299 100644
--- a/example/reader_util.h
+++ b/example/reader_util.h
@@ -120,7 +120,9 @@ typedef struct ndpi_ja3_fingerprints_host{
 UT_hash_handle hh;
 } ndpi_ja3_fingerprints_host;
-
+struct flow_metrics {
+ float entropy, average, stddev;
+};
 // flow tracking
 typedef struct ndpi_flow_info {
@@ -146,8 +148,8 @@ typedef struct ndpi_flow_info {
 ndpi_protocol detected_protocol;
 // Flow data analysis
- struct ndpi_analyze_struct *bytes_c_to_s, *bytes_s_to_c;
-
+ struct ndpi_analyze_struct *pktlen_c_to_s, *pktlen_s_to_c;
+
 char info[96];
 char host_server_name[256];
 char bittorent_hash[41];
@@ -162,10 +164,6 @@ typedef struct ndpi_flow_info {
 u_int16_t server_cipher;
 ndpi_cipher_weakness client_unsafe_cipher, server_unsafe_cipher;
 } ssh_tls;
-
- struct {
- float pktlen_c_to_s, pktlen_s_to_c;
- } entropy;
 void *src_id, *dst_id;
diff --git a/src/include/ndpi_api.h b/src/include/ndpi_api.h
index 03f21d4cd..c6d17a4b5 100644
--- a/src/include/ndpi_api.h
+++ b/src/include/ndpi_api.h
@@ -899,8 +899,11 @@ extern "C" {
 float ndpi_data_average(struct ndpi_analyze_struct *s);
 float ndpi_data_window_average(struct ndpi_analyze_struct *s);
- float ndpi_entropy(struct ndpi_analyze_struct *s);
-
+ float ndpi_data_entropy(struct ndpi_analyze_struct *s);
+ float ndpi_data_variance(struct ndpi_analyze_struct *s);
+ float ndpi_data_stddev(struct ndpi_analyze_struct *s);
+ float ndpi_data_ratio(u_int32_t sent, u_int32_t rcvd);
+ void ndpi_data_print_window_values(struct ndpi_analyze_struct *s); /* debug */
 #ifdef __cplusplus
 }
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index 2aacf847a..0db1ccf91 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -1369,6 +1369,11 @@ struct ndpi_analyze_struct {
 u_int32_t *values;
 u_int32_t sum_total, num_data_entries, next_value_insert_index;
 u_int16_t num_values_array_len /* lenght of the values array */;
+
+ struct {
+ /* https://www.johndcook.com/blog/standard_deviation/ */
+ float mu, q;
+ } stddev;
 };
 #define DEFAULT_SERIES_LEN 64
diff --git a/src/lib/ndpi_analyze.c b/src/lib/ndpi_analyze.c
index 502c2d858..ce3168165 100644
--- a/src/lib/ndpi_analyze.c
+++ b/src/lib/ndpi_analyze.c
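Review bot: Renaming the prototype `ndpi_entropy` to `ndpi_data_entropy` in src/include/ndpi_api.h removes an exported name with no compatibility alias, so any out-of-tree caller built against the old header stops compiling or linking. If that header is part of the installed API, keep the old name for a release, for example `#define ndpi_entropy ndpi_data_entropy` with a deprecation comment. The four new prototypes are also undocumented; a one-line comment each, stating that variance and stddev cover all values while entropy covers only the sliding window, would match what the comments in ndpi_analyze.c say.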
@@ -72,20 +72,42 @@ void ndpi_free_data_analysis(struct ndpi_analyze_struct *d) {
 Add a new point to analyze
 */
 void ndpi_data_add_value(struct ndpi_analyze_struct *s, const u_int32_t value) {
+ float tmp_mu;
+
 s->sum_total += value, s->num_data_entries++, s->values[s->next_value_insert_index] = value;
+
 if(++s->next_value_insert_index == s->num_values_array_len) s->next_value_insert_index = 0;
+
+ /* Update stddev */
+ tmp_mu = s->stddev.mu;
+ s->stddev.mu = ((s->stddev.mu * (s->num_data_entries - 1)) + value) / s->num_data_entries;
+ s->stddev.q = s->stddev.q + (value - tmp_mu)*(value - s->stddev.mu);
 }
 /* ********************************************************************************* */
-/* Compute the average on all value */
+/* Compute the average on all values */
 float ndpi_data_average(struct ndpi_analyze_struct *s) {
 return((float)s->sum_total / (float)s->num_data_entries);
 }
 /* ********************************************************************************* */
+/* Compute the variance on all values */
+float ndpi_data_variance(struct ndpi_analyze_struct *s) {
+ return(s->num_data_entries ? (s->stddev.q / s->num_data_entries) : 0);
+}
+
+/* ********************************************************************************* */
+
+/* Compute the standard deviation on all values */
+float ndpi_data_stddev(struct ndpi_analyze_struct *s) {
+ return(sqrt(ndpi_data_variance(s)));
+}
+
+/* ********************************************************************************* */
+
 /* Compute the average only on the sliding window */
 float ndpi_data_window_average(struct ndpi_analyze_struct *s) {
 float sum = 0.0;
@@ -102,7 +124,7 @@ float ndpi_data_window_average(struct ndpi_analyze_struct *s) {
 /* Compute entropy on the last sliding window values */
-float ndpi_entropy(struct ndpi_analyze_struct *s) {
+float ndpi_data_entropy(struct ndpi_analyze_struct *s) {
 int i;
 float sum = 0.0, total = 0.0;
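Review bot: ndpi_data_average() still divides by `s->num_data_entries` with no zero check, while the new ndpi_data_variance() just below it guards the same divisor, and printFlow now calls both on every flow. For a direction that carried no packets this is 0/0, which is what appears as `(nan)` in the regenerated tests/result output for one-way flows. Give it the same guard, `return(s->num_data_entries ? ((float)s->sum_total / (float)s->num_data_entries) : 0);`. Separately, ndpi_data_stddev() calls `sqrt()` on a float where `sqrtf()` would avoid the double round trip, and the hunk does not show whether `<math.h>` is included in this file.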
@@ -129,3 +151,12 @@ void ndpi_data_print_window_values(struct ndpi_analyze_struct *s) {
 printf("\n");
 }
+
+/* ********************************************************************************* */
+
+float ndpi_data_ratio(u_int32_t sent, u_int32_t rcvd) {
+ int64_t s = (int64_t)sent + (int64_t)rcvd;
+ int64_t d = (int64_t)sent - (int64_t)rcvd;
+
+ return((s == 0) ? 0 : ((float)d)/((float)s));
+}
diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out
index cc445652b..cab79a1ef 100644
--- a/tests/result/1kxun.pcap.out
+++ b/tests/result/1kxun.pcap.out
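Review bot: ndpi_data_ratio() in src/lib/ndpi_analyze.c takes `u_int32_t` counters, but the only caller in this commit passes `flow->src2dst_bytes` and `flow->dst2src_bytes`, whose declared type is not visible in the diff. If those are 64-bit counters, as per-flow byte totals often are, the arguments are silently truncated modulo 2^32 and a flow above 4 GiB in one direction reports a wrong, possibly sign-flipped, ratio. Please confirm the field types; if they are 64-bit, widen the parameters (`float ndpi_data_ratio(u_int64_t sent, u_int64_t rcvd)`, here and in ndpi_api.h) and do the arithmetic in `double` so the sum cannot overflow `int64_t`. A one-line comment stating the result range (-1 = all received, +1 = all sent, 0 when both are zero) would also help consumers of the `[bytes ratio: ...]` field.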
@@ -21,135 +21,135 @@ JA3 Host Stats: 1 192.168.5.16 2 - 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144][PLAIN TEXT (GET /vlive.qq)] - 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com][PLAIN TEXT (GET /video)] - 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com][PLAIN TEXT (GET /video)] - 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com][PLAIN TEXT (GET /video)] - 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com][PLAIN TEXT (GET /video)] - 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (GET /api/movies/mp4)] - 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com][PLAIN TEXT (GET /video)] - 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com][PLAIN TEXT (GET /video)] - 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Host: 42.120.51.152][PLAIN TEXT (POST /api/proxy)] - 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)] - 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 
[proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)] - 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )] - 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )] - 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/TLS][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes] - 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Host: vv.video.qq.com][PLAIN TEXT (POST /getvinfo HTTP/1.1)] - 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes] - 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes] - 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][TLSv1.2][client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][TLSv1.2][client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][TLSv1.2][client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: 
jp.kankan.1kxun.mobi][PLAIN TEXT (GET /api/videos/10410.j)] - 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][TLSv1.2][client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (GET /api/videos/10410.j)] - 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes] - 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com][PLAIN TEXT (GET /api/videos/alsolikes/10410)] - 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145][PLAIN TEXT (GET /vlive.qq)] - 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/composite/ap)] - 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 33 UDP 
192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170][PLAIN TEXT (GET /api/qq)] - 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)] - 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] - 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)] - 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)] - 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)] - 45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 
pkts/0 bytes][PLAIN TEXT ( FDEBEOEKEJ)] - 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes] - 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes] - 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (official)] - 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes] - 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)] - 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)] - 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] - 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEDCOEBFC)] - 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (kankan)] - 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com] - 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)] - 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT 
(kankan)] - 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad] - 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes] - 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)] - 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________] - 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________] - 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________] - 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)] - 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW] - 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW] - 69 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 78/STUN][cat: Network/14][1 pkts/177 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 70 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes] - 
71 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC] - 72 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC] - 73 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)] - 74 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 75 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 76 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C] - 77 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C] - 78 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 78/STUN][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.4 )] - 79 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 80 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 81 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________] - 82 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________] - 83 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: 
____________] - 84 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)] - 85 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)] - 86 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: Kasper-mac][PLAIN TEXT (Kasper)] - 87 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW] - 88 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW] - 89 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)] - 90 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)] - 91 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)] - 92 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)] - 93 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)] - 94 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)] - 95 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-PC] - 96 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC] - 
97 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC] - 98 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC] - 99 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC] - 100 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 101 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 102 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: RO_X1C] - 103 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes] - 104 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] - 105 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes] - 106 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes] - 107 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)] - 108 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEBEOEKEJ)] - 109 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)] - 110 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT 
(charming)] - 111 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)] - 113 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)] - 114 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)] - 115 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-PC] - 116 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-PC] - 117 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)] + 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144][pktlen c2s avg(stddev)/entropy: 5.0(58.0)/44.0][pktlen s2c avg(stddev)/entropy: 5.0(1060.5)/127.3][bytes ratio: -0.84][PLAIN TEXT (GET /vlive.qq)] + 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 3.5(95.7)/113.3][pktlen s2c avg(stddev)/entropy: 5.0(1209.9)/325.4][bytes ratio: -0.95][PLAIN TEXT (GET /video)] + 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 3.5(135.6)/149.1][pktlen s2c avg(stddev)/entropy: 4.9(1145.0)/400.0][bytes ratio: -0.91][PLAIN TEXT (GET /video)] + 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 
7.137/HTTP.GenericProtocol][cat: Media/1][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 3.9(116.1)/133.3][pktlen s2c avg(stddev)/entropy: 4.9(1126.9)/398.1][bytes ratio: -0.89][PLAIN TEXT (GET /video)] + 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 3.6(128.2)/145.2][pktlen s2c avg(stddev)/entropy: 4.9(1131.9)/402.7][bytes ratio: -0.89][PLAIN TEXT (GET /video)] + 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi][pktlen c2s avg(stddev)/entropy: 3.9(87.5)/102.3][pktlen s2c avg(stddev)/entropy: 4.7(1207.9)/329.2][bytes ratio: -0.89][PLAIN TEXT (GET /api/movies/mp4)] + 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 3.4(100.8)/118.8][pktlen s2c avg(stddev)/entropy: 4.6(1095.5)/461.2][bytes ratio: -0.90][PLAIN TEXT (GET /video)] + 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 2.9(116.3)/133.6][pktlen s2c avg(stddev)/entropy: 4.3(1099.3)/455.3][bytes ratio: -0.89][PLAIN TEXT (GET /video)] + 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Host: 42.120.51.152][pktlen c2s avg(stddev)/entropy: 3.8(235.8)/192.8][pktlen s2c avg(stddev)/entropy: 2.9(538.8)/555.7][bytes ratio: -0.20][PLAIN TEXT (POST /api/proxy)] + 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Host: dl-obs.official.line.naver.jp][pktlen c2s avg(stddev)/entropy: 
2.2(112.7)/99.1][pktlen s2c avg(stddev)/entropy: 2.7(1102.8)/610.2][bytes ratio: -0.86][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)] + 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp][pktlen c2s avg(stddev)/entropy: 2.2(112.7)/99.1][pktlen s2c avg(stddev)/entropy: 2.6(1060.2)/619.9][bytes ratio: -0.85][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)] + 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.0(557.6)/29.6][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NOTIFY )] + 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.0(529.6)/29.6][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NOTIFY )] + 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/TLS][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][pktlen c2s avg(stddev)/entropy: 2.8(482.2)/581.5][pktlen s2c avg(stddev)/entropy: 2.9(116.5)/101.3][bytes ratio: 0.69] + 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Host: vv.video.qq.com][pktlen c2s avg(stddev)/entropy: 3.6(197.2)/175.9][pktlen s2c avg(stddev)/entropy: 2.4(200.0)/149.1][bytes ratio: 0.43][PLAIN TEXT (POST /getvinfo HTTP/1.1)] + 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.8(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][pktlen c2s avg(stddev)/entropy: 1.3(512.5)/468.4][pktlen s2c avg(stddev)/entropy: 
1.4(459.4)/535.8][bytes ratio: -0.06] + 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][pktlen c2s avg(stddev)/entropy: 2.4(178.1)/287.5][pktlen s2c avg(stddev)/entropy: 1.9(210.4)/323.1][bytes ratio: 0.08][TLSv1.2][client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][pktlen c2s avg(stddev)/entropy: 2.4(177.7)/287.4][pktlen s2c avg(stddev)/entropy: 1.9(210.4)/323.1][bytes ratio: 0.07][TLSv1.2][client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][pktlen c2s avg(stddev)/entropy: 2.3(189.5)/298.9][pktlen s2c avg(stddev)/entropy: 1.8(231.9)/340.1][bytes ratio: 0.08][TLSv1.2][client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi][pktlen c2s avg(stddev)/entropy: 2.4(141.0)/143.8][pktlen s2c avg(stddev)/entropy: 1.4(456.4)/511.5][bytes ratio: -0.34][PLAIN TEXT (GET /api/videos/10410.j)] + 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][pktlen c2s avg(stddev)/entropy: 2.4(176.6)/283.0][pktlen s2c avg(stddev)/entropy: 2.3(158.4)/188.4][bytes ratio: 0.21][TLSv1.2][client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.137/HTTP.GenericProtocol][cat: 
Media/1][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi][pktlen c2s avg(stddev)/entropy: 2.6(139.4)/164.4][pktlen s2c avg(stddev)/entropy: 0.8(366.0)/523.1][bytes ratio: -0.02][PLAIN TEXT (GET /api/videos/10410.j)] + 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][pktlen c2s avg(stddev)/entropy: 2.0(201.2)/139.5][pktlen s2c avg(stddev)/entropy: 1.0(297.4)/462.8][bytes ratio: -0.19] + 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.8(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com][pktlen c2s avg(stddev)/entropy: 2.6(140.6)/166.8][pktlen s2c avg(stddev)/entropy: 1.0(245.0)/313.5][bytes ratio: 0.18][PLAIN TEXT (GET /api/videos/alsolikes/10410)] + 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145][pktlen c2s avg(stddev)/entropy: 2.5(142.8)/171.7][pktlen s2c avg(stddev)/entropy: 1.1(216.8)/271.5][bytes ratio: 0.24][PLAIN TEXT (GET /vlive.qq)] + 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.7(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.6(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 
bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.6(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Host: api.magicansoft.com][pktlen c2s avg(stddev)/entropy: 2.4(142.3)/116.9][pktlen s2c avg(stddev)/entropy: 1.9(197.2)/157.4][bytes ratio: 0.01][PLAIN TEXT (GET /comMagicanApi/composite/ap)] + 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.3(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(179.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(179.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170][pktlen c2s avg(stddev)/entropy: 3.0(88.0)/62.2][pktlen s2c avg(stddev)/entropy: 1.0(190.7)/180.6][bytes ratio: 0.21][PLAIN TEXT (GET /api/qq)] + 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(179.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen][pktlen c2s avg(stddev)/entropy: 2.0(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)] + 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air][pktlen c2s avg(stddev)/entropy: 1.0(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(342.0)/0.0][bytes ratio: 0.00][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] + 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.8(179.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.7(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)] + 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(216.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)] + 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)] + 
45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(274.5)/11.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( FDEBEOEKEJ)] + 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(98.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(98.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp][pktlen c2s avg(stddev)/entropy: 0.0(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(289.0)/0.0][bytes ratio: -0.53][PLAIN TEXT (official)] + 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes][pktlen c2s avg(stddev)/entropy: 2.0(55.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(66.0)/0.0][bytes ratio: 0.25] + 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc][pktlen c2s avg(stddev)/entropy: 0.0(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)] + 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc][pktlen c2s avg(stddev)/entropy: 0.0(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)] + 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 
5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com][pktlen c2s avg(stddev)/entropy: 1.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(137.0)/0.0][bytes ratio: 0.03] + 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( FDEDCOEBFC)] + 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi][pktlen c2s avg(stddev)/entropy: 1.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(112.0)/0.0][bytes ratio: 0.18][PLAIN TEXT (kankan)] + 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com][pktlen c2s avg(stddev)/entropy: 1.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(116.0)/0.0][bytes ratio: 0.13] + 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][pktlen c2s avg(stddev)/entropy: 1.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(108.0)/0.0][bytes ratio: 0.17][PLAIN TEXT (kankan)] + 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][pktlen c2s avg(stddev)/entropy: 1.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(108.0)/0.0][bytes ratio: 0.17][PLAIN TEXT (kankan)] + 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad][pktlen c2s avg(stddev)/entropy: 2.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 
1.6(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][pktlen c2s avg(stddev)/entropy: 1.0(95.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (caesar)] + 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][pktlen c2s avg(stddev)/entropy: 1.0(95.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (caesar)] + 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)] + 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________][pktlen c2s avg(stddev)/entropy: 1.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________][pktlen c2s avg(stddev)/entropy: 1.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________][pktlen c2s avg(stddev)/entropy: 1.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 1.0(91.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 
1.00][PLAIN TEXT (charming)] + 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW][pktlen c2s avg(stddev)/entropy: 1.0(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW][pktlen c2s avg(stddev)/entropy: 1.0(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 69 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 78/STUN][cat: Network/14][1 pkts/177 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(177.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (6.35.1 )] + 70 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(55.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.25] + 71 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC][pktlen c2s avg(stddev)/entropy: 1.0(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 72 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC][pktlen c2s avg(stddev)/entropy: 1.0(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 73 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav][pktlen c2s avg(stddev)/entropy: 1.0(87.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (sonusav)] + 74 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 
bytes][Host: isatap][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (isatap)] + 75 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (isatap)] + 76 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 77 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 78 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 78/STUN][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(163.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (6.35.4 )] + 79 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][pktlen c2s avg(stddev)/entropy: 1.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (caesar)] + 80 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][pktlen c2s avg(stddev)/entropy: 1.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (caesar)] + 81 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________][pktlen c2s avg(stddev)/entropy: 1.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00] + 82 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________][pktlen c2s avg(stddev)/entropy: 1.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 83 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________][pktlen c2s avg(stddev)/entropy: 1.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 84 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 1.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (charming)] + 85 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 1.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (charming)] + 86 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: Kasper-mac][pktlen c2s avg(stddev)/entropy: 1.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Kasper)] + 87 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW][pktlen c2s avg(stddev)/entropy: 1.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 88 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW][pktlen c2s avg(stddev)/entropy: 1.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 89 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][pktlen 
c2s avg(stddev)/entropy: 1.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Joanna)] + 90 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][pktlen c2s avg(stddev)/entropy: 1.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Joanna)] + 91 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][pktlen c2s avg(stddev)/entropy: 1.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Joanna)] + 92 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][pktlen c2s avg(stddev)/entropy: 1.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Joanna)] + 93 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (notebook)] + 94 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (notebook)] + 95 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-PC][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 96 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 97 UDP 
192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 98 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 99 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 100 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (isatap)] + 101 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (isatap)] + 102 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: RO_X1C][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 103 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 104 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(63.0)/3.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 105 TCP 
192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: 0.00] + 106 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(98.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 107 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)] + 108 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( FDEBEOEKEJ)] + 109 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 0.0(91.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (charming)] + 110 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 0.0(91.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (charming)] + 111 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 112 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (googlecast)] + 113 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (charming)] + 114 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (charming)] + 115 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-PC][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 116 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-PC][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 117 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (sonusav)] Undetected flows: - 1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes] - 2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 
[proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 9 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (AABHZW50cmljZV9)] - 10 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (icRVSoU)] - 11 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 12 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (dDYcTc4)] + 1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(359.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(391.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Switch)] + 3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(391.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Switch)] + 4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(359.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Switch)] + 5 UDP 
192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(359.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Switch)] + 6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(359.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Switch)] + 7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(197.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (6.35.1 )] + 8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(185.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (6.35.1 )] + 9 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (AABHZW50cmljZV9)] + 10 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (icRVSoU)] + 11 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(142.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (6.35.1 )] + 12 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (dDYcTc4)] 
diff --git a/tests/result/6in4tunnel.pcap.out b/tests/result/6in4tunnel.pcap.out
index 962af5c2f..848dabd5f 100644
--- a/tests/result/6in4tunnel.pcap.out
+++ b/tests/result/6in4tunnel.pcap.out
@@ -9,13 +9,13 @@ JA3 Host Stats: 1 2001:470:1f17:13f:3e97:eff:fe73:4dec 2 - 1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/TLS][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][TLSv1.2][client: mail.tomasu.net][JA3C: 812d8bce0f85487ba7834d36568ed586][server: mail.tomasu.net][JA3S: 389ed42c02ebecc32e73aa31def07e14][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][TLSv1.2][client: www.facebook.com][JA3C: eb7cdd4e7dea7a11b3016c3c9acbd2a3][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes] - 4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Host: mail.tomasu.net][PLAIN TEXT (GET / HTTP/1.1)] - 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes][PLAIN TEXT (ds 0/u6)] - 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Host: star.c10r.facebook.com][PLAIN TEXT (facebook)] - 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Host: star.c10r.facebook.com][PLAIN TEXT (facebook)] - 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes] - 9 TCP 
[2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes] - 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes] + 1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/TLS][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][pktlen c2s avg(stddev)/entropy: 3.5(165.1)/138.8][pktlen s2c avg(stddev)/entropy: 3.3(934.6)/679.8][bytes ratio: -0.70][TLSv1.2][client: mail.tomasu.net][JA3C: 812d8bce0f85487ba7834d36568ed586][server: mail.tomasu.net][JA3S: 389ed42c02ebecc32e73aa31def07e14][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][pktlen c2s avg(stddev)/entropy: 3.4(383.0)/467.5][pktlen s2c avg(stddev)/entropy: 3.0(468.8)/575.9][bytes ratio: -0.01][TLSv1.2][client: www.facebook.com][JA3C: eb7cdd4e7dea7a11b3016c3c9acbd2a3][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes][pktlen c2s avg(stddev)/entropy: 4.5(138.0)/0.0][pktlen s2c avg(stddev)/entropy: 4.5(138.0)/0.0][bytes ratio: 0.00] + 4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Host: mail.tomasu.net][pktlen c2s avg(stddev)/entropy: 2.5(131.0)/52.4][pktlen s2c avg(stddev)/entropy: 1.4(251.5)/247.4][bytes ratio: -0.12][PLAIN TEXT (GET / HTTP/1.1)] + 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 
102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(1314.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (ds 0/u6)] + 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Host: star.c10r.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(133.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(273.0)/0.0][bytes ratio: -0.34][PLAIN TEXT (facebook)] + 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Host: star.c10r.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(133.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(261.0)/0.0][bytes ratio: -0.32][PLAIN TEXT (facebook)] + 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][pktlen c2s avg(stddev)/entropy: 0.0(152.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(106.0)/0.0][bytes ratio: 0.18] + 9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][pktlen c2s avg(stddev)/entropy: 0.0(152.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(106.0)/0.0][bytes ratio: 0.18] + 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(200.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/BGP_Cisco_hdlc_slarp.pcap.out b/tests/result/BGP_Cisco_hdlc_slarp.pcap.out index 66a5d416a..be8ee5b75 100644 --- a/tests/result/BGP_Cisco_hdlc_slarp.pcap.out +++ b/tests/result/BGP_Cisco_hdlc_slarp.pcap.out 
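Review bot: The values in the new `pktlen ... avg(stddev)/entropy` fields do not line up with their labels in these expected results. Flow 5 of this hunk is a single 1314-byte packet and prints `0.0(1314.0)/0.0`, and flow 1 (14 pkts/2312 bytes) prints `3.5(165.1)/138.8`, so the number in the stddev position is the mean packet length (2312/14 ≈ 165.1) and the first number is presumably the entropy; that matches the argument order entropy, average, stddev in the printFlow hunk earlier in this commit. Either relabel the format, e.g. `"[pktlen c2s entropy/avg(stddev): %.1f/%.1f(%.1f)]"`, or reorder the arguments, and skip or zero the field for a direction with 0 packets so the golden files do not pin `nan`. The same applies to the other regenerated tests/result/*.pcap.out hunks in this commit (BGP, EAQ, Instagram, KakaoTalk), and anyone building traffic-classification or anomaly features from this output would otherwise read the wrong statistic.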
@@ -1,3 +1,3 @@ BGP 14 969 1
- 1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes]
+ 1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes][pktlen c2s avg(stddev)/entropy: 2.7(55.4)/19.7][pktlen s2c avg(stddev)/entropy: 2.6(83.0)/48.8][bytes ratio: -0.20]
diff --git a/tests/result/BGP_redist.pcap.out b/tests/result/BGP_redist.pcap.out
index dddd85947..4ec8914e5 100644
--- a/tests/result/BGP_redist.pcap.out
+++ b/tests/result/BGP_redist.pcap.out
@@ -1,4 +1,4 @@ BGP 2 322 2
- 1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes]
- 2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes]
+ 1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(163.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
+ 2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(159.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00]
diff --git a/tests/result/EAQ.pcap.out b/tests/result/EAQ.pcap.out
index 8f4cc8140..85666c7da 100644
--- a/tests/result/EAQ.pcap.out
+++ b/tests/result/EAQ.pcap.out
@@ -1,34 +1,34 @@ Google 23 11743 2 EAQ 174 10092 29 - 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Host: www.google.com.br][PLAIN TEXT (we50oDAAg HTTP/1.1)] - 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Host: www.google.com][PLAIN TEXT (GET / HTTP/1.1)] - 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 16 UDP 10.8.0.1:48563 -> 
200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Host: 
www.google.com.br][pktlen c2s avg(stddev)/entropy: 2.8(73.9)/45.5][pktlen s2c avg(stddev)/entropy: 2.0(1666.3)/1240.4][bytes ratio: -0.89][PLAIN TEXT (we50oDAAg HTTP/1.1)] + 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Host: www.google.com][pktlen c2s avg(stddev)/entropy: 2.2(78.0)/38.8][pktlen s2c avg(stddev)/entropy: 1.1(191.0)/237.3][bytes ratio: -0.32][PLAIN TEXT (GET / HTTP/1.1)] + 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s 
avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 
190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 
1.00] + 27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/Instagram.pcap.out b/tests/result/Instagram.pcap.out index 8a97e29e0..1fa30d2a0 100644 --- a/tests/result/Instagram.pcap.out +++ b/tests/result/Instagram.pcap.out 
@@ -11,38 +11,38 @@ JA3 Host Stats: 1 192.168.0.103 1 - 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes][PLAIN TEXT (dnlN/L)] - 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Host: photos-g.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes][PLAIN TEXT (ny.iaXs)] - 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes][PLAIN TEXT (inOCIM)] - 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes][PLAIN TEXT (dGQaNFV)] - 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes][PLAIN TEXT (DD.DOo)] - 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][TLSv1][client: igcdn-photos-g-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][organization: Akamai Technologies Inc.][Cipher: 
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][TLSv1][client: igcdn-photos-h-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 7df57c06f869fc3ce509521cae2f75ce][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 bytes] - 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][TLSv1][client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][TLSv1][client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes][PLAIN TEXT (kpaeC.)] - 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes] - 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Host: photos-f.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 
bytes][TLSv1][client: telegraph-ash.instagram.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][JA3S: acb741bcdffb787c5a52654c78645bdf][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 413767116)] - 20 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Host: igcdn-photos-h-a.akamaihd.net][PLAIN TEXT (photos)] - 22 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Host: photos-a.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: photos-g.ak.instagram.com][PLAIN TEXT (GET /hphotos)] - 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-g-a.akamaihd.net][PLAIN TEXT (photos)] - 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-a-a.akamaihd.net][PLAIN TEXT (photos)] - 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 413767116)] - 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 
pkts/66 bytes] - 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com][PLAIN TEXT (photos)] + 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes][pktlen c2s avg(stddev)/entropy: 5.0(1460.7)/32.9][pktlen s2c avg(stddev)/entropy: 5.0(66.0)/0.0][bytes ratio: 0.96][PLAIN TEXT (dnlN/L)] + 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 3.4(86.0)/69.3][pktlen s2c avg(stddev)/entropy: 5.0(1484.0)/0.0][bytes ratio: -0.96][PLAIN TEXT (GET /hphotos)] + 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 5.0(73.0)/42.2][pktlen s2c avg(stddev)/entropy: 5.0(1435.2)/209.5][bytes ratio: -0.91][PLAIN TEXT (GET /hphotos)] + 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 5.0(82.7)/55.7][pktlen s2c avg(stddev)/entropy: 4.8(1250.6)/506.8][bytes ratio: -0.87][PLAIN TEXT (GET /hphotos)] + 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Host: photos-g.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 4.4(76.5)/50.6][pktlen s2c avg(stddev)/entropy: 5.0(1423.0)/248.6][bytes ratio: -0.93][PLAIN TEXT (GET /hphotos)] + 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes][pktlen c2s avg(stddev)/entropy: 3.9(163.4)/317.9][pktlen s2c 
avg(stddev)/entropy: 4.9(1180.4)/494.8][bytes ratio: -0.76][PLAIN TEXT (ny.iaXs)] + 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes][pktlen c2s avg(stddev)/entropy: 4.6(1484.0)/0.0][pktlen s2c avg(stddev)/entropy: 4.6(66.0)/0.0][bytes ratio: 0.92][PLAIN TEXT (inOCIM)] + 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes][pktlen c2s avg(stddev)/entropy: 3.8(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 4.3(1405.8)/309.0][bytes ratio: -0.94][PLAIN TEXT (dGQaNFV)] + 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes][pktlen c2s avg(stddev)/entropy: 4.0(1433.2)/196.8][pktlen s2c avg(stddev)/entropy: 3.2(66.0)/0.0][bytes ratio: 0.95][PLAIN TEXT (DD.DOo)] + 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][pktlen c2s avg(stddev)/entropy: 2.9(136.9)/113.9][pktlen s2c avg(stddev)/entropy: 2.7(885.7)/639.8][bytes ratio: -0.71][TLSv1][client: igcdn-photos-g-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][pktlen c2s avg(stddev)/entropy: 2.8(154.5)/151.0][pktlen s2c avg(stddev)/entropy: 2.1(689.1)/647.4][bytes ratio: -0.51][TLSv1][client: igcdn-photos-h-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 7df57c06f869fc3ce509521cae2f75ce][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 
bytes][pktlen c2s avg(stddev)/entropy: 2.2(783.2)/545.1][pktlen s2c avg(stddev)/entropy: 1.4(224.2)/353.7][bytes ratio: 0.55] + 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][pktlen c2s avg(stddev)/entropy: 2.7(112.0)/80.8][pktlen s2c avg(stddev)/entropy: 2.0(778.5)/657.3][bytes ratio: -0.68][TLSv1][client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][pktlen c2s avg(stddev)/entropy: 2.7(112.0)/80.8][pktlen s2c avg(stddev)/entropy: 2.0(778.5)/657.3][bytes ratio: -0.68][TLSv1][client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][organization: Akamai Technologies Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes][pktlen c2s avg(stddev)/entropy: 1.1(255.8)/379.6][pktlen s2c avg(stddev)/entropy: 1.9(686.3)/610.1][bytes ratio: -0.53][PLAIN TEXT (kpaeC.)] + 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 64.119/TLS_No_Cert.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes][pktlen c2s avg(stddev)/entropy: 1.1(255.8)/379.6][pktlen s2c avg(stddev)/entropy: 1.8(804.0)/595.0][bytes ratio: -0.52] + 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Host: photos-f.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 1.6(139.8)/107.0][pktlen s2c avg(stddev)/entropy: 1.4(1152.0)/469.5][bytes ratio: -0.72][PLAIN TEXT (GET 
/hphotos)] + 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][pktlen c2s avg(stddev)/entropy: 2.7(175.9)/154.8][pktlen s2c avg(stddev)/entropy: 2.8(133.0)/70.1][bytes ratio: 0.20][TLSv1][client: telegraph-ash.instagram.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][JA3S: acb741bcdffb787c5a52654c78645bdf][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(145.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 413767116)] + 20 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(102.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 21 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Host: igcdn-photos-h-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 0.0(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(305.0)/0.0][bytes ratio: -0.55][PLAIN TEXT (photos)] + 22 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Host: photos-a.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 0.0(324.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /hphotos)] + 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: photos-g.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 0.0(321.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /hphotos)] + 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: 
igcdn-photos-g-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 0.0(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(209.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (photos)] + 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-a-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 0.0(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(209.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (photos)] + 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(84.5)/18.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(145.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 413767116)] + 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.06] + 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com][pktlen c2s avg(stddev)/entropy: 0.0(85.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (photos)] Undetected flows: - 1 UDP 192.168.0.1:520 -> 
192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index ee148678e..5180005f1 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out 
@@ -13,41 +13,41 @@ JA3 Host Stats: 1 10.24.82.188 2 - 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][TLSv1.2][client: graph.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][TLSv1.2][client: developers.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][TLSv1.2][client: api.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Cipher: 
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][cat: Chat/9][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes] - 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes] - 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][TLSv1][server: *.push.samsungosp.com][JA3S: 986d18bb49fadf70a73a06ead3780d55 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5][PLAIN TEXT (Gyeonggi do)] - 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes] - 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/TLS][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes] - 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes] - 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/166 bytes][Host: katalk.kakao.com][PLAIN TEXT (katalk)] - 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Host: developers.facebook.com][PLAIN TEXT 
(developers)] - 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Host: graph.facebook.com][PLAIN TEXT (facebook)] - 19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Host: 2.97.252.173.in-addr.arpa][PLAIN TEXT (facebook)] - 20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/136 bytes][Host: ac-talk.kakao.com] - 21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/84 bytes <-> 1 pkts/130 bytes][Host: booking.loco.kakao.com][PLAIN TEXT (booking)] - 22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/82 bytes <-> 1 pkts/126 bytes][Host: up-gp.talk.kakao.com] - 23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-p.talk.kakao.com] - 24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-v.talk.kakao.com] - 25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-m.talk.kakao.com] - 26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-a.talk.kakao.com] - 27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-c.talk.kakao.com] - 28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] - 29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] - 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 
5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com][PLAIN TEXT (facebook)] - 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com] - 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com] - 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes] - 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com] - 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] - 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes] - 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes] - 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] + 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][pktlen c2s avg(stddev)/entropy: 3.0(203.6)/304.3][pktlen s2c avg(stddev)/entropy: 3.2(364.4)/448.8][bytes ratio: -0.28][TLSv1.2][client: graph.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][pktlen c2s avg(stddev)/entropy: 2.5(183.9)/331.5][pktlen s2c avg(stddev)/entropy: 3.0(433.5)/513.1][bytes ratio: -0.43][TLSv1.2][client: developers.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][server: 
*.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][pktlen c2s avg(stddev)/entropy: 2.1(258.4)/416.1][pktlen s2c avg(stddev)/entropy: 2.5(569.2)/539.9][bytes ratio: -0.33][TLSv1.2][client: api.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][pktlen c2s avg(stddev)/entropy: 3.7(142.4)/154.7][pktlen s2c avg(stddev)/entropy: 2.8(263.4)/439.9][bytes ratio: -0.25][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][pktlen c2s avg(stddev)/entropy: 3.1(167.2)/222.0][pktlen s2c avg(stddev)/entropy: 2.7(388.7)/490.9][bytes ratio: -0.34][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][pktlen c2s avg(stddev)/entropy: 3.6(132.8)/133.6][pktlen s2c avg(stddev)/entropy: 2.8(264.6)/439.4][bytes ratio: -0.33][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][cat: Chat/9][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][pktlen 
c2s avg(stddev)/entropy: 3.1(156.6)/151.9][pktlen s2c avg(stddev)/entropy: 2.9(363.6)/450.9][bytes ratio: -0.43][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][server: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes][pktlen c2s avg(stddev)/entropy: 3.6(131.2)/136.4][pktlen s2c avg(stddev)/entropy: 3.0(188.3)/75.5][bytes ratio: 0.14] + 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes][pktlen c2s avg(stddev)/entropy: 2.8(193.0)/122.5][pktlen s2c avg(stddev)/entropy: 3.1(74.7)/20.9][bytes ratio: 0.44] + 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][pktlen c2s avg(stddev)/entropy: 1.5(96.7)/35.0][pktlen s2c avg(stddev)/entropy: 0.5(533.3)/652.4][bytes ratio: -0.69][TLSv1][server: *.push.samsungosp.com][JA3S: 986d18bb49fadf70a73a06ead3780d55 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5][PLAIN TEXT (Gyeonggi do)] + 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com][pktlen c2s avg(stddev)/entropy: 2.0(97.4)/73.2][pktlen s2c avg(stddev)/entropy: 2.1(104.5)/104.9][bytes ratio: -0.13][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com][pktlen c2s avg(stddev)/entropy: 2.0(97.4)/73.2][pktlen s2c avg(stddev)/entropy: 1.8(114.2)/112.4][bytes ratio: -0.08][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes][pktlen c2s avg(stddev)/entropy: 2.8(56.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 2.8(56.0)/0.0][bytes ratio: 0.00] + 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/TLS][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes][pktlen c2s avg(stddev)/entropy: 1.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.6(56.0)/0.0][bytes ratio: -0.20] + 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes][pktlen c2s avg(stddev)/entropy: 1.0(69.5)/13.5][pktlen s2c avg(stddev)/entropy: 1.0(56.0)/0.0][bytes ratio: 0.11] + 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/166 bytes][Host: katalk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(166.0)/0.0][bytes ratio: -0.36][PLAIN TEXT (katalk)] + 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Host: developers.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(85.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(144.0)/0.0][bytes ratio: -0.26][PLAIN TEXT (developers)] + 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Host: graph.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(138.0)/0.0][bytes ratio: -0.27][PLAIN TEXT (facebook)] + 19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Host: 2.97.252.173.in-addr.arpa][pktlen c2s avg(stddev)/entropy: 0.0(87.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(130.0)/0.0][bytes ratio: -0.20][PLAIN TEXT (facebook)] + 20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/136 bytes][Host: ac-talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(136.0)/0.0][bytes ratio: -0.27] + 21 UDP 
10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/84 bytes <-> 1 pkts/130 bytes][Host: booking.loco.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(84.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(130.0)/0.0][bytes ratio: -0.21][PLAIN TEXT (booking)] + 22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/82 bytes <-> 1 pkts/126 bytes][Host: up-gp.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(126.0)/0.0][bytes ratio: -0.21] + 23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-p.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(124.0)/0.0][bytes ratio: -0.21] + 24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-v.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(124.0)/0.0][bytes ratio: -0.21] + 25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-m.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(124.0)/0.0][bytes ratio: -0.21] + 26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-a.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(124.0)/0.0][bytes ratio: -0.21] + 27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-c.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(124.0)/0.0][bytes ratio: -0.21] + 28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 
1 pkts/119 bytes][Host: plus-talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(119.0)/0.0][bytes ratio: -0.19] + 29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(119.0)/0.0][bytes ratio: -0.19] + 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(118.0)/0.0][bytes ratio: -0.20][PLAIN TEXT (facebook)] + 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(114.0)/0.0][bytes ratio: -0.20] + 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(114.0)/0.0][bytes ratio: -0.20] + 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(90.5)/22.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(97.0)/0.0][bytes ratio: -0.09] + 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(164.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 36 ICMP 
10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(147.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(83.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index b399fd3e3..7ee9eed7c 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out 
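Review bot: The new `pktlen ... avg(stddev)/entropy` fields in this baseline do not match their label. Flow 16 has a single 78-byte c2s packet and prints `0.0(78.0)/0.0`, so the mean appears in the `(stddev)` slot; the printing code presumably passes the values in a different order than the label names them, and either the label or the argument order should be corrected before these expectations are frozen. Every direction with `0 pkts/0 bytes` (flows 33 and 35–38 here) also records `0.0(nan)/0.0`, which suggests a division by a zero sample count. The textual form of NaN is not guaranteed to be identical across platforms, so the fixture may not compare equal everywhere; printing `0.0` or omitting the block when a direction has no packets would avoid that. The same two points apply to the KakaoTalk_talk, NTPv2/3/4, ajp and other `.pcap.out` hunks that follow. Anyone using these per-flow statistics for traffic triage would otherwise read entropy as the average.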
@@ -13,23 +13,23 @@ JA3 Host Stats: 1 10.24.82.188 2 - 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][PLAIN TEXT (46yOXQ)] - 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][PLAIN TEXT (46yOXQ)] - 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes] - 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes] - 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com][PLAIN TEXT (POST http)] - 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes] - 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes] - 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][PLAIN TEXT 
(xiaomi.com)] - 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes] - 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes] - 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com][PLAIN TEXT (facebook)] - 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] - 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes] - 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes] - 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] - 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes] - 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] + 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][pktlen c2s avg(stddev)/entropy: 5.0(140.5)/43.2][pktlen s2c avg(stddev)/entropy: 4.9(125.9)/33.1][bytes ratio: 0.06][PLAIN TEXT (46yOXQ)] + 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][pktlen c2s avg(stddev)/entropy: 4.9(125.9)/33.1][pktlen s2c avg(stddev)/entropy: 5.0(141.0)/43.4][bytes ratio: -0.05][PLAIN TEXT (46yOXQ)] + 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][pktlen c2s avg(stddev)/entropy: 3.8(242.1)/253.9][pktlen s2c avg(stddev)/entropy: 3.6(289.6)/276.1][bytes ratio: 0.01][TLSv1][JA3C: 
4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][pktlen c2s avg(stddev)/entropy: 4.1(190.4)/164.3][pktlen s2c avg(stddev)/entropy: 3.9(260.4)/240.9][bytes ratio: -0.13][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][pktlen c2s avg(stddev)/entropy: 3.2(195.5)/228.1][pktlen s2c avg(stddev)/entropy: 3.7(78.0)/34.6][bytes ratio: 0.46][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][pktlen c2s avg(stddev)/entropy: 3.6(141.0)/6.1][pktlen s2c avg(stddev)/entropy: 3.3(142.0)/0.0][bytes ratio: 0.09] + 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][pktlen c2s avg(stddev)/entropy: 3.5(140.2)/5.7][pktlen s2c avg(stddev)/entropy: 3.5(140.2)/5.7][bytes ratio: 0.00] + 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 2.1(139.6)/198.8][pktlen s2c avg(stddev)/entropy: 2.5(87.1)/71.4][bytes ratio: 0.29][PLAIN TEXT (POST http)] + 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][pktlen c2s avg(stddev)/entropy: 2.5(90.5)/24.3][pktlen s2c avg(stddev)/entropy: 1.9(189.0)/164.1][bytes ratio: -0.27] + 10 TCP 139.150.0.125:443 <-> 
10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes][pktlen c2s avg(stddev)/entropy: 1.2(348.0)/206.5][pktlen s2c avg(stddev)/entropy: 0.9(77.0)/21.0][bytes ratio: 0.74] + 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][pktlen c2s avg(stddev)/entropy: 0.9(112.5)/44.5][pktlen s2c avg(stddev)/entropy: 1.0(85.5)/17.5][bytes ratio: 0.14][PLAIN TEXT (xiaomi.com)] + 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes][pktlen c2s avg(stddev)/entropy: 1.6(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(56.0)/0.0][bytes ratio: 0.20] + 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(118.0)/0.0][bytes ratio: -0.20][PLAIN TEXT (facebook)] + 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(164.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(62.0)/6.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(83.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 
[proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/NTPv2.pcap.out b/tests/result/NTPv2.pcap.out index a6038a738..fec39200a 100644 --- a/tests/result/NTPv2.pcap.out +++ b/tests/result/NTPv2.pcap.out @@ -1,3 +1,3 @@ NTP 1 410 1 - 1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes] + 1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(410.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/NTPv3.pcap.out b/tests/result/NTPv3.pcap.out index c0ef68243..451a6c0cf 100644 --- a/tests/result/NTPv3.pcap.out +++ b/tests/result/NTPv3.pcap.out @@ -1,3 +1,3 @@ NTP 1 90 1 - 1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/NTPv4.pcap.out b/tests/result/NTPv4.pcap.out index 606c4787d..dec0ff53d 100644 --- a/tests/result/NTPv4.pcap.out +++ b/tests/result/NTPv4.pcap.out 
@@ -1,3 +1,3 @@ NTP 1 90 1 - 1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/Oscar.pcap.out b/tests/result/Oscar.pcap.out index 96235e606..160ca3f38 100644 --- a/tests/result/Oscar.pcap.out +++ b/tests/result/Oscar.pcap.out @@ -1,3 +1,3 @@ Oscar 71 9386 1 - 1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 69/Oscar][cat: Chat/9][38 pkts/3580 bytes <-> 33 pkts/5806 bytes][PLAIN TEXT (Adium/1.5.10)] + 1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 69/Oscar][cat: Chat/9][38 pkts/3580 bytes <-> 33 pkts/5806 bytes][pktlen c2s avg(stddev)/entropy: 4.7(94.2)/74.7][pktlen s2c avg(stddev)/entropy: 4.2(175.9)/256.6][bytes ratio: -0.24][PLAIN TEXT (Adium/1.5.10)] diff --git a/tests/result/ajp.pcap.out b/tests/result/ajp.pcap.out index df3d5d9f7..2cfcd2a39 100644 --- a/tests/result/ajp.pcap.out +++ b/tests/result/ajp.pcap.out 
@@ -1,10 +1,10 @@ Unknown 6 2200 2 AJP 26 4446 2 - 1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][PLAIN TEXT (HTTP/1.1)] - 2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][PLAIN TEXT (HTTP/1.1)] + 1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][pktlen c2s avg(stddev)/entropy: 1.9(222.0)/285.7][pktlen s2c avg(stddev)/entropy: 2.3(111.5)/84.4][bytes ratio: 0.40][PLAIN TEXT (HTTP/1.1)] + 2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][pktlen c2s avg(stddev)/entropy: 1.9(222.0)/285.7][pktlen s2c avg(stddev)/entropy: 2.3(111.5)/84.4][bytes ratio: 0.40][PLAIN TEXT (HTTP/1.1)] Undetected flows: - 1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1)] - 2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] + 1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.4(503.0)/409.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (HTTP/1.1)] + 2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(94.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/amqp.pcap.out b/tests/result/amqp.pcap.out index 641fbafa1..ef484adc5 100644 --- a/tests/result/amqp.pcap.out +++ b/tests/result/amqp.pcap.out 
@@ -1,5 +1,5 @@ AMQP 160 23514 3 - 1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes][PLAIN TEXT (celeryev)] - 2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes][PLAIN TEXT (celeryev)] - 3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes][PLAIN TEXT (default)] + 1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes][pktlen c2s avg(stddev)/entropy: 4.8(201.1)/102.7][pktlen s2c avg(stddev)/entropy: 5.0(66.0)/0.0][bytes ratio: 0.51][PLAIN TEXT (celeryev)] + 2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes][pktlen c2s avg(stddev)/entropy: 3.3(332.8)/211.1][pktlen s2c avg(stddev)/entropy: 3.2(77.7)/10.4][bytes ratio: 0.72][PLAIN TEXT (celeryev)] + 3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes][pktlen c2s avg(stddev)/entropy: 3.8(205.0)/87.8][pktlen s2c avg(stddev)/entropy: 3.9(66.0)/0.0][bytes ratio: 0.51][PLAIN TEXT (default)] diff --git a/tests/result/bitcoin.pcap.out b/tests/result/bitcoin.pcap.out index d3b44cc28..acd2f8d83 100644 --- a/tests/result/bitcoin.pcap.out +++ b/tests/result/bitcoin.pcap.out 
@@ -1,8 +1,8 @@ Mining 637 581074 6 - 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][PLAIN TEXT (version)] - 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][PLAIN TEXT (version)] - 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][PLAIN TEXT (version)] - 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][PLAIN TEXT (version)] - 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][PLAIN TEXT (version)] - 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][PLAIN TEXT (version)] + 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][pktlen c2s avg(stddev)/entropy: 1.0(140.5)/30.5][pktlen s2c avg(stddev)/entropy: 5.0(1394.4)/378.4][bytes ratio: -1.00][PLAIN TEXT (version)] + 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][pktlen c2s avg(stddev)/entropy: 4.5(521.1)/577.7][pktlen s2c avg(stddev)/entropy: 4.6(1152.4)/588.7][bytes ratio: -0.65][PLAIN TEXT (version)] + 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][pktlen c2s avg(stddev)/entropy: 4.2(696.5)/636.6][pktlen s2c avg(stddev)/entropy: 4.3(732.7)/652.9][bytes ratio: -0.22][PLAIN TEXT (version)] + 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][pktlen c2s avg(stddev)/entropy: 4.2(570.7)/606.4][pktlen s2c avg(stddev)/entropy: 
4.4(776.8)/673.2][bytes ratio: -0.35][PLAIN TEXT (version)] + 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][pktlen c2s avg(stddev)/entropy: 3.9(1354.6)/368.8][pktlen s2c avg(stddev)/entropy: 0.7(590.3)/654.1][bytes ratio: 0.85][PLAIN TEXT (version)] + 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][pktlen c2s avg(stddev)/entropy: 4.6(128.4)/12.3][pktlen s2c avg(stddev)/entropy: 0.9(461.3)/472.0][bytes ratio: 0.38][PLAIN TEXT (version)] diff --git a/tests/result/bittorrent.pcap.out b/tests/result/bittorrent.pcap.out index a38d84f2e..714763bd4 100644 --- a/tests/result/bittorrent.pcap.out +++ b/tests/result/bittorrent.pcap.out 
@@ -1,26 +1,26 @@ BitTorrent 299 305728 24 - 1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 9 TCP 192.168.1.3:52911 <-> 
151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: 
Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][pktlen c2s 
avg(stddev)/entropy: 4.0(161.5)/58.0][pktlen s2c avg(stddev)/entropy: 5.0(1463.2)/217.8][bytes ratio: -0.98][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][pktlen c2s avg(stddev)/entropy: 1.9(145.8)/44.2][pktlen s2c avg(stddev)/entropy: 1.4(243.8)/234.9][bytes ratio: -0.25][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][pktlen c2s avg(stddev)/entropy: 1.9(160.0)/62.0][pktlen s2c avg(stddev)/entropy: 1.1(303.3)/245.5][bytes ratio: -0.17][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][pktlen c2s avg(stddev)/entropy: 0.8(291.5)/157.5][pktlen s2c avg(stddev)/entropy: 0.6(409.0)/296.0][bytes ratio: -0.17][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][pktlen c2s avg(stddev)/entropy: 1.3(194.0)/114.3][pktlen s2c avg(stddev)/entropy: 0.7(398.0)/252.0][bytes ratio: -0.16][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.6(170.0)/25.6][pktlen s2c avg(stddev)/entropy: 0.8(385.5)/207.5][bytes ratio: -0.20][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 7 TCP 
192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][pktlen c2s avg(stddev)/entropy: 1.5(136.7)/47.4][pktlen s2c avg(stddev)/entropy: 1.1(283.7)/227.4][bytes ratio: -0.35][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.5(151.7)/62.9][pktlen s2c avg(stddev)/entropy: 0.7(385.5)/232.5][bytes ratio: -0.26][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.5(147.3)/57.1][pktlen s2c avg(stddev)/entropy: 0.8(385.5)/214.5][bytes ratio: -0.27][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][pktlen c2s avg(stddev)/entropy: 1.5(146.7)/56.2][pktlen s2c avg(stddev)/entropy: 0.8(386.0)/201.0][bytes ratio: -0.27][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.5(144.7)/53.6][pktlen s2c avg(stddev)/entropy: 0.8(385.5)/200.5][bytes ratio: -0.28][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.5(144.7)/53.6][pktlen s2c 
avg(stddev)/entropy: 0.8(385.5)/200.5][bytes ratio: -0.28][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.5(143.3)/55.9][pktlen s2c avg(stddev)/entropy: 0.8(385.5)/207.5][bytes ratio: -0.28][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][pktlen c2s avg(stddev)/entropy: 1.5(136.3)/47.0][pktlen s2c avg(stddev)/entropy: 0.7(385.5)/234.5][bytes ratio: -0.31][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.8(398.0)/216.0][bytes ratio: -0.71][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(624.0)/0.0][bytes ratio: -0.65][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/40.5][pktlen s2c avg(stddev)/entropy: 0.9(132.5)/52.5][bytes ratio: 0.14][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 
37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][pktlen c2s avg(stddev)/entropy: 1.5(151.7)/62.9][pktlen s2c avg(stddev)/entropy: 0.0(157.0)/0.0][bytes ratio: 0.49][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][BT Hash: 
dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(134.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] diff --git a/tests/result/bittorrent_ip.pcap.out b/tests/result/bittorrent_ip.pcap.out index b4594c674..afcce89b0 100644 --- a/tests/result/bittorrent_ip.pcap.out +++ b/tests/result/bittorrent_ip.pcap.out @@ -1,4 +1,4 @@ BitTorrent 479 508018 2 - 1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes][PLAIN TEXT (n.m Hh)] - 2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes][PLAIN TEXT (@RgmZT)] + 1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes][pktlen c2s avg(stddev)/entropy: 5.0(1514.0)/0.0][pktlen s2c avg(stddev)/entropy: 5.0(66.0)/0.0][bytes ratio: 0.96][PLAIN TEXT (n.m Hh)] + 2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes][pktlen c2s avg(stddev)/entropy: 4.6(1456.6)/281.4][pktlen s2c avg(stddev)/entropy: 4.5(66.0)/0.0][bytes ratio: 0.92][PLAIN TEXT (@RgmZT)] diff --git a/tests/result/bittorrent_utp.pcap.out b/tests/result/bittorrent_utp.pcap.out index bab467c07..bd88a1756 100644 --- a/tests/result/bittorrent_utp.pcap.out +++ b/tests/result/bittorrent_utp.pcap.out 
@@ -1,3 +1,3 @@ BitTorrent 86 41489 1 - 1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes][PLAIN TEXT (hash20)] + 1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes][pktlen c2s avg(stddev)/entropy: 4.5(779.9)/608.8][pktlen s2c avg(stddev)/entropy: 4.5(124.0)/123.2][bytes ratio: 0.77][PLAIN TEXT (hash20)] diff --git a/tests/result/bt_search.pcap.out b/tests/result/bt_search.pcap.out index 4aed6f139..85485b233 100644 --- a/tests/result/bt_search.pcap.out +++ b/tests/result/bt_search.pcap.out @@ -1,3 +1,3 @@ BitTorrent 2 322 1 - 1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] + 1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(161.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] diff --git a/tests/result/check_mk_new.pcap.out b/tests/result/check_mk_new.pcap.out index f98cd6b26..187581270 100644 --- a/tests/result/check_mk_new.pcap.out +++ b/tests/result/check_mk_new.pcap.out @@ -1,3 +1,3 @@ CHECKMK 98 20242 1 - 1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes][PLAIN TEXT (k@Version)] + 1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes][pktlen c2s avg(stddev)/entropy: 5.0(66.2)/1.1][pktlen s2c avg(stddev)/entropy: 3.5(346.9)/757.9][bytes ratio: -0.68][PLAIN TEXT (k@Version)] diff --git a/tests/result/coap_mqtt.pcap.out b/tests/result/coap_mqtt.pcap.out index 5bca203ee..d92168272 100644 
--- a/tests/result/coap_mqtt.pcap.out +++ b/tests/result/coap_mqtt.pcap.out 
@@ -2,19 +2,19 @@ COAP 19 1614 8 Dropbox 800 80676 4 MQTT 7695 668291 4 - 1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes][PLAIN TEXT (17Info)] - 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes][PLAIN TEXT (messageType)] - 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes][PLAIN TEXT (messageType)] - 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes][PLAIN TEXT (messageType)] - 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][PLAIN TEXT (messageType)] - 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][PLAIN TEXT (messageType)] - 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][PLAIN TEXT (messageType)] - 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][PLAIN TEXT (messageType)] - 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes][PLAIN TEXT (storage)] - 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes][PLAIN TEXT (separate)] - 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes][PLAIN TEXT (storage)] - 12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes] - 13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: 
RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] - 14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] - 15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] - 16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes][pktlen c2s avg(stddev)/entropy: 4.9(83.5)/26.8][pktlen s2c avg(stddev)/entropy: 4.9(90.0)/40.8][bytes ratio: -0.08][PLAIN TEXT (17Info)] + 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes][pktlen c2s avg(stddev)/entropy: 4.9(83.5)/26.8][pktlen s2c avg(stddev)/entropy: 4.9(89.7)/40.8][bytes ratio: -0.08][PLAIN TEXT (messageType)] + 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes][pktlen c2s avg(stddev)/entropy: 4.9(83.5)/26.8][pktlen s2c avg(stddev)/entropy: 4.9(90.0)/40.8][bytes ratio: -0.08][PLAIN TEXT (messageType)] + 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes][pktlen c2s avg(stddev)/entropy: 4.9(89.8)/40.8][pktlen s2c avg(stddev)/entropy: 4.9(83.6)/26.8][bytes ratio: 0.08][PLAIN TEXT (messageType)] + 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.6)/2.3][pktlen s2c avg(stddev)/entropy: 5.0(62.6)/2.3][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][pktlen c2s 
avg(stddev)/entropy: 5.0(139.5)/2.1][pktlen s2c avg(stddev)/entropy: 5.0(62.5)/2.1][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.2)/2.3][pktlen s2c avg(stddev)/entropy: 5.0(62.2)/2.3][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.1)/2.3][pktlen s2c avg(stddev)/entropy: 5.0(62.1)/2.3][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes][pktlen c2s avg(stddev)/entropy: 1.6(87.3)/3.3][pktlen s2c avg(stddev)/entropy: 1.6(68.3)/3.3][bytes ratio: 0.12][PLAIN TEXT (storage)] + 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes][pktlen c2s avg(stddev)/entropy: 1.0(73.5)/7.5][pktlen s2c avg(stddev)/entropy: 0.8(128.5)/62.5][bytes ratio: -0.27][PLAIN TEXT (separate)] + 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes][pktlen c2s avg(stddev)/entropy: 1.0(79.0)/6.0][pktlen s2c avg(stddev)/entropy: 1.0(75.5)/9.5][bytes ratio: 0.02][PLAIN TEXT (storage)] + 12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 14 UDP 
[2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/diameter.pcap.out b/tests/result/diameter.pcap.out index 08cd1c852..46d470173 100644 --- a/tests/result/diameter.pcap.out +++ b/tests/result/diameter.pcap.out @@ -1,3 +1,3 @@ Diameter 6 1980 1 - 1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Web/5][3 pkts/1174 bytes <-> 3 pkts/806 bytes][PLAIN TEXT (1263278878147)] + 1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Web/5][3 pkts/1174 bytes <-> 3 pkts/806 bytes][pktlen c2s avg(stddev)/entropy: 1.6(391.3)/21.7][pktlen s2c avg(stddev)/entropy: 1.6(268.7)/30.2][bytes ratio: 0.19][PLAIN TEXT (1263278878147)] diff --git a/tests/result/dnscrypt.pcap.out b/tests/result/dnscrypt.pcap.out index f37856c45..4e9edb02f 100644 --- a/tests/result/dnscrypt.pcap.out +++ b/tests/result/dnscrypt.pcap.out 
@@ -5,7 +5,7 @@ JA3 Host Stats: 1 192.168.43.167 2 - 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][TLSv1.2][client: simplednscrypt.org][JA3C: b8f81673c0e1d29908346f3bab892b9b][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][TLSv1.2][client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][TLSv1.2][client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][TLSv1.2][client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][pktlen c2s avg(stddev)/entropy: 3.9(99.3)/67.6][pktlen s2c avg(stddev)/entropy: 3.8(694.3)/593.9][bytes ratio: -0.78][TLSv1.2][client: simplednscrypt.org][JA3C: b8f81673c0e1d29908346f3bab892b9b][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][pktlen c2s avg(stddev)/entropy: 3.9(110.4)/76.2][pktlen s2c avg(stddev)/entropy: 3.4(516.1)/542.4][bytes ratio: -0.65][TLSv1.2][client: 
simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][pktlen c2s avg(stddev)/entropy: 2.7(97.5)/75.0][pktlen s2c avg(stddev)/entropy: 2.8(773.5)/597.4][bytes ratio: -0.82][TLSv1.2][client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][pktlen c2s avg(stddev)/entropy: 2.7(97.5)/75.0][pktlen s2c avg(stddev)/entropy: 2.8(773.5)/597.4][bytes ratio: -0.82][TLSv1.2][client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/drda_db2.pcap.out b/tests/result/drda_db2.pcap.out index 38e47bd79..7041bac0d 100644 --- a/tests/result/drda_db2.pcap.out +++ b/tests/result/drda_db2.pcap.out @@ -1,3 +1,3 @@ DRDA 38 6691 1 - 1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes][PLAIN TEXT (@@@@@@@@@@@)] + 1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes][pktlen c2s avg(stddev)/entropy: 3.7(158.4)/168.7][pktlen s2c avg(stddev)/entropy: 3.6(195.7)/193.1][bytes ratio: -0.05][PLAIN TEXT (@@@@@@@@@@@)] diff --git a/tests/result/dropbox.pcap.out b/tests/result/dropbox.pcap.out index e321e8b28..c47d1fde1 100644 --- a/tests/result/dropbox.pcap.out +++ b/tests/result/dropbox.pcap.out 
@@ -1,17 +1,17 @@ Dropbox 848 90532 15 - 1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][PLAIN TEXT (messageType)] - 2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][PLAIN TEXT (messageType)] - 3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][PLAIN TEXT (messageType)] - 4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][PLAIN TEXT (messageType)] - 5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 274363570036934823360341409051)] - 6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 274363570036934823360341409051)] - 7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com][PLAIN TEXT (getdropbox)] - 8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com][PLAIN TEXT (client)] - 9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com][PLAIN TEXT (dropbox)] - 10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com][PLAIN TEXT (client)] - 11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com][PLAIN TEXT (notify)] - 12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 
pkts/630 bytes -> 0 pkts/0 bytes][PLAIN TEXT (version)] - 13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][PLAIN TEXT (version)] - 14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][PLAIN TEXT (namespaces)] - 15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][PLAIN TEXT (namespaces)] + 1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.6)/2.3][pktlen s2c avg(stddev)/entropy: 5.0(62.6)/2.3][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.5)/2.1][pktlen s2c avg(stddev)/entropy: 5.0(62.5)/2.1][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.2)/2.3][pktlen s2c avg(stddev)/entropy: 5.0(62.2)/2.3][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][pktlen c2s avg(stddev)/entropy: 5.0(139.1)/2.3][pktlen s2c avg(stddev)/entropy: 5.0(62.1)/2.3][bytes ratio: 0.38][PLAIN TEXT (messageType)] + 5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(237.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 274363570036934823360341409051)] + 6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 
bytes][pktlen c2s avg(stddev)/entropy: 2.6(237.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 274363570036934823360341409051)] + 7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com][pktlen c2s avg(stddev)/entropy: 2.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.9(269.5)/75.5][bytes ratio: -0.55][PLAIN TEXT (getdropbox)] + 8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com][pktlen c2s avg(stddev)/entropy: 1.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(333.0)/0.0][bytes ratio: -0.62][PLAIN TEXT (client)] + 9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com][pktlen c2s avg(stddev)/entropy: 1.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(323.0)/0.0][bytes ratio: -0.63][PLAIN TEXT (dropbox)] + 10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com][pktlen c2s avg(stddev)/entropy: 1.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(306.0)/0.0][bytes ratio: -0.58][PLAIN TEXT (client)] + 11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com][pktlen c2s avg(stddev)/entropy: 1.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(294.0)/0.0][bytes ratio: -0.58][PLAIN TEXT (notify)] + 12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(210.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (version)] + 13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 
pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(210.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (version)] + 14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(205.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (namespaces)] + 15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(205.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (namespaces)] diff --git a/tests/result/ethereum.pcap.out b/tests/result/ethereum.pcap.out index 39694fee9..8268bbec0 100644 --- a/tests/result/ethereum.pcap.out +++ b/tests/result/ethereum.pcap.out @@ -1,4 +1,4 @@ Mining 819 134165 2 - 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Mining/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes][PLAIN TEXT (worker)] - 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Mining/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes][PLAIN TEXT (worker)] + 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Mining/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes][pktlen c2s avg(stddev)/entropy: 4.8(110.6)/59.2][pktlen s2c avg(stddev)/entropy: 4.9(248.9)/100.1][bytes ratio: -0.18][PLAIN TEXT (worker)] + 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Mining/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes][pktlen c2s avg(stddev)/entropy: 4.1(107.9)/57.4][pktlen s2c avg(stddev)/entropy: 3.4(188.9)/116.4][bytes ratio: -0.06][PLAIN TEXT (worker)] diff --git a/tests/result/facebook.pcap.out b/tests/result/facebook.pcap.out index 5988701ec..0b3a8e51d 100644 --- a/tests/result/facebook.pcap.out +++ b/tests/result/facebook.pcap.out 
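Review bot: The values recorded in these new expected lines do not match the `avg(stddev)/entropy` label: flow 1 of the dropbox hunk (100 pkts/13960 bytes) reads `5.0(139.6)/2.3`, and 139.6 is 13960/100, so the average sits in the stddev slot and the first number is presumably the entropy. The one-directional flows (5, 6, 12-15) also put `0.0(nan)/0.0` into the baseline, which looks like a division by zero on a direction with no packets; printf's NaN spelling is implementation-defined, so these lines may not compare equal on every platform. I would fix the printing code (outside this hunk) so the label reads `entropy(avg)/stddev` or the arguments are reordered to match it, print `0.0` or omit the field when a direction has no packets, and then regenerate these files. The same pattern is visible in the other tests/result hunks here, including hangout, mpegts, msnms and mssql_tds.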
@@ -5,5 +5,5 @@ JA3 Host Stats: 1 192.168.43.18 2 - 1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][TLSv1.2][client: www.facebook.com][JA3C: 5c60e71f1b8cd40e4d40ed5b6d666e3f][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][TLSv1.2][client: facebook.com][JA3C: bfcc1a3891601edb4f137ab7ab25b840][server: *.facebook.com][JA3S: 2d1eb5817ece335c24904f516ad5da12][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][pktlen c2s avg(stddev)/entropy: 3.8(140.2)/137.4][pktlen s2c avg(stddev)/entropy: 4.1(1004.6)/604.5][bytes ratio: -0.78][TLSv1.2][client: www.facebook.com][JA3C: 5c60e71f1b8cd40e4d40ed5b6d666e3f][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][pktlen c2s avg(stddev)/entropy: 2.8(149.4)/124.6][pktlen s2c avg(stddev)/entropy: 2.5(440.0)/521.5][bytes ratio: -0.53][TLSv1.2][client: facebook.com][JA3C: bfcc1a3891601edb4f137ab7ab25b840][server: *.facebook.com][JA3S: 2d1eb5817ece335c24904f516ad5da12][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/fix.pcap.out b/tests/result/fix.pcap.out index 5add2c800..b4dc2cece 100644 --- a/tests/result/fix.pcap.out +++ b/tests/result/fix.pcap.out 
@@ -1,14 +1,14 @@ FIX 1261 115514 12 - 1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes][PLAIN TEXT (FIX.4.1)] - 2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes][PLAIN TEXT (FIX.4.1)] - 3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes][PLAIN TEXT (FIX.4.1)] - 4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes][PLAIN TEXT (FIX.4.1)] - 5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes][PLAIN TEXT (FIX.4.1)] - 6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes][PLAIN TEXT (FIX.4.1)] - 7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes][PLAIN TEXT (FIX.4.1)] - 8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes][PLAIN TEXT (FIX.4.1)] - 9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][PLAIN TEXT (FIX.4.1)] - 10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][PLAIN TEXT (FIX.4.1)] - 11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes][PLAIN TEXT (FIX.4.1)] - 12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes][PLAIN TEXT (FIX.4.1)] + 1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes][pktlen c2s avg(stddev)/entropy: 4.9(115.5)/53.6][pktlen s2c avg(stddev)/entropy: 5.0(61.1)/9.1][bytes ratio: 0.31][PLAIN TEXT 
(FIX.4.1)] + 2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes][pktlen c2s avg(stddev)/entropy: 5.0(105.7)/15.4][pktlen s2c avg(stddev)/entropy: 5.0(67.3)/10.5][bytes ratio: 0.22][PLAIN TEXT (FIX.4.1)] + 3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes][pktlen c2s avg(stddev)/entropy: 4.9(152.1)/42.2][pktlen s2c avg(stddev)/entropy: 5.0(69.2)/16.5][bytes ratio: 0.37][PLAIN TEXT (FIX.4.1)] + 4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes][pktlen c2s avg(stddev)/entropy: 5.0(86.3)/10.0][pktlen s2c avg(stddev)/entropy: 4.9(66.9)/22.6][bytes ratio: 0.13][PLAIN TEXT (FIX.4.1)] + 5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes][pktlen c2s avg(stddev)/entropy: 4.1(107.7)/18.9][pktlen s2c avg(stddev)/entropy: 4.1(75.4)/26.7][bytes ratio: 0.18][PLAIN TEXT (FIX.4.1)] + 6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes][pktlen c2s avg(stddev)/entropy: 3.1(106.8)/32.5][pktlen s2c avg(stddev)/entropy: 3.1(77.8)/33.3][bytes ratio: 0.16][PLAIN TEXT (FIX.4.1)] + 7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes][pktlen c2s avg(stddev)/entropy: 2.2(115.4)/43.7][pktlen s2c avg(stddev)/entropy: 2.2(96.8)/37.7][bytes ratio: 0.09][PLAIN TEXT (FIX.4.1)] + 8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes][pktlen c2s avg(stddev)/entropy: 2.5(85.5)/19.5][pktlen s2c avg(stddev)/entropy: 1.9(130.5)/37.2][bytes ratio: -0.01][PLAIN TEXT (FIX.4.1)] + 9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][pktlen c2s avg(stddev)/entropy: 2.5(76.0)/22.6][pktlen s2c 
avg(stddev)/entropy: 2.2(110.2)/41.3][bytes ratio: -0.09][PLAIN TEXT (FIX.4.1)] + 10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][pktlen c2s avg(stddev)/entropy: 2.5(76.0)/22.6][pktlen s2c avg(stddev)/entropy: 2.2(110.2)/41.2][bytes ratio: -0.09][PLAIN TEXT (FIX.4.1)] + 11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes][pktlen c2s avg(stddev)/entropy: 2.5(73.5)/19.5][pktlen s2c avg(stddev)/entropy: 1.9(119.2)/34.2][bytes ratio: -0.04][PLAIN TEXT (FIX.4.1)] + 12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes][pktlen c2s avg(stddev)/entropy: 2.0(85.5)/19.5][pktlen s2c avg(stddev)/entropy: 1.0(151.5)/0.5][bytes ratio: 0.06][PLAIN TEXT (FIX.4.1)] diff --git a/tests/result/ftp.pcap.out b/tests/result/ftp.pcap.out index a45152e6d..3ba5b4b99 100644 --- a/tests/result/ftp.pcap.out +++ b/tests/result/ftp.pcap.out 
@@ -2,9 +2,9 @@ Unknown 1115 1122198 1 FTP_CONTROL 68 5571 1 FTP_DATA 9 1819 1 - 1 TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][PLAIN TEXT (vsFTPd 3.0.3)] - 2 TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][cat: Download-FileTransfer-FileSharing/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][PLAIN TEXT ( 1 0 0 1073741)] + 1 TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][pktlen c2s avg(stddev)/entropy: 5.0(70.5)/6.7][pktlen s2c avg(stddev)/entropy: 4.6(99.2)/44.9][bytes ratio: 0.04][PLAIN TEXT (vsFTPd 3.0.3)] + 2 TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][cat: Download-FileTransfer-FileSharing/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][pktlen c2s avg(stddev)/entropy: 2.3(68.4)/4.8][pktlen s2c avg(stddev)/entropy: 0.8(369.2)/520.6][bytes ratio: -0.62][PLAIN TEXT ( 1 0 0 1073741)] Undetected flows: - 1 TCP 192.168.1.212:50696 <-> 90.130.70.73:24523 [proto: 0/Unknown][380 pkts/25104 bytes <-> 735 pkts/1097094 bytes] + 1 TCP 192.168.1.212:50696 <-> 90.130.70.73:24523 [proto: 0/Unknown][380 pkts/25104 bytes <-> 735 pkts/1097094 bytes][pktlen c2s avg(stddev)/entropy: 5.0(66.1)/0.9][pktlen s2c avg(stddev)/entropy: 4.9(1492.6)/135.1][bytes ratio: -0.96] diff --git a/tests/result/git.pcap.out b/tests/result/git.pcap.out index 77fc7d7e3..07b55f362 100644 --- a/tests/result/git.pcap.out +++ b/tests/result/git.pcap.out 
@@ -1,3 +1,3 @@ Git 90 74005 1 - 1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes][PLAIN TEXT (0045git)] + 1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes][pktlen c2s avg(stddev)/entropy: 5.0(81.0)/81.7][pktlen s2c avg(stddev)/entropy: 4.9(1442.6)/705.8][bytes ratio: -0.91][PLAIN TEXT (0045git)] diff --git a/tests/result/google_ssl.pcap.out b/tests/result/google_ssl.pcap.out index 6675d2462..e7efedb93 100644 --- a/tests/result/google_ssl.pcap.out +++ b/tests/result/google_ssl.pcap.out @@ -4,4 +4,4 @@ JA3 Host Stats: IP Address # JA3C - 1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][TLSv1][server: www.google.com][JA3S: 7252ecc446aba4a3e474793ae320609a (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_SHA] + 1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][pktlen c2s avg(stddev)/entropy: 3.6(94.5)/86.7][pktlen s2c avg(stddev)/entropy: 2.9(633.0)/622.2][bytes ratio: -0.67][TLSv1][server: www.google.com][JA3S: 7252ecc446aba4a3e474793ae320609a (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_SHA] diff --git a/tests/result/hangout.pcap.out b/tests/result/hangout.pcap.out index 5e8faba55..0dfb04d42 100644 --- a/tests/result/hangout.pcap.out +++ b/tests/result/hangout.pcap.out @@ -1,3 +1,3 @@ GoogleHangoutDuo 19 2774 1 - 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][PLAIN TEXT (sdiKGkw)] + 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.2(146.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (sdiKGkw)] 
diff --git a/tests/result/http_ipv6.pcap.out b/tests/result/http_ipv6.pcap.out index d4abf05ae..035f0aecb 100644 --- a/tests/result/http_ipv6.pcap.out +++ b/tests/result/http_ipv6.pcap.out 
@@ -9,18 +9,18 @@ JA3 Host Stats: 1 2a00:d40:1:3:7aac:c0ff:fea7:d4c 1 - 1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Host: www.google.it][PLAIN TEXT (www.google.it)] - 2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] - 3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] - 4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] - 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] - 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][TLSv1.2][client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][organization: Facebook, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][TLSv1.2][client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][organization: Facebook, Inc.][Cipher: 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/TLS][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes] - 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes] - 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Host: www.google.it][pktlen c2s avg(stddev)/entropy: 4.6(234.6)/285.7][pktlen s2c avg(stddev)/entropy: 4.2(284.0)/300.8][bytes ratio: -0.03][PLAIN TEXT (www.google.it)] + 2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][pktlen c2s avg(stddev)/entropy: 3.0(283.5)/323.7][pktlen s2c avg(stddev)/entropy: 3.3(970.7)/538.6][bytes ratio: -0.49][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] + 3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> 
[2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][pktlen c2s avg(stddev)/entropy: 3.3(117.5)/67.4][pktlen s2c avg(stddev)/entropy: 2.4(715.2)/607.6][bytes ratio: -0.63][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] + 4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][pktlen c2s avg(stddev)/entropy: 3.1(120.6)/69.9][pktlen s2c avg(stddev)/entropy: 2.4(715.2)/607.6][bytes ratio: -0.65][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] + 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][pktlen c2s avg(stddev)/entropy: 3.1(120.6)/69.9][pktlen s2c avg(stddev)/entropy: 1.9(805.1)/929.1][bytes ratio: -0.65][TLSv1][client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293] + 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][pktlen c2s avg(stddev)/entropy: 2.6(137.1)/82.6][pktlen s2c avg(stddev)/entropy: 1.3(845.4)/1077.9][bytes ratio: -0.63][TLSv1.2][client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][organization: Facebook, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][pktlen c2s avg(stddev)/entropy: 2.4(145.7)/86.4][pktlen s2c avg(stddev)/entropy: 0.7(1035.2)/1503.0][bytes ratio: -0.65][TLSv1.2][client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][organization: Facebook, Inc.][Cipher: 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/TLS][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes][pktlen c2s avg(stddev)/entropy: 2.7(122.9)/61.5][pktlen s2c avg(stddev)/entropy: 2.4(193.3)/171.9][bytes ratio: -0.22] + 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes][pktlen c2s avg(stddev)/entropy: 0.8(179.5)/80.5][pktlen s2c avg(stddev)/entropy: 0.0(143.0)/0.0][bytes ratio: 0.43] + 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(86.0)/0.0][bytes ratio: 0.00] + 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(86.0)/0.0][bytes ratio: 0.00] + 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(86.0)/0.0][bytes ratio: 0.00] + 13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(86.0)/0.0][bytes ratio: 0.00] + 14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(86.0)/0.0][bytes ratio: 0.00] + 15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/TLS][cat: 
Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(86.0)/0.0][bytes ratio: 0.00] diff --git a/tests/result/modbus.pcap.out b/tests/result/modbus.pcap.out index fb7a1dbfb..c9d5a66df 100644 --- a/tests/result/modbus.pcap.out +++ b/tests/result/modbus.pcap.out @@ -1,3 +1,3 @@ Modbus 102 6681 1 - 1 TCP 192.168.110.131:2074 <-> 192.168.110.138:502 [proto: 44/Modbus][cat: Network/14][51 pkts/3366 bytes <-> 51 pkts/3315 bytes] + 1 TCP 192.168.110.131:2074 <-> 192.168.110.138:502 [proto: 44/Modbus][cat: Network/14][51 pkts/3366 bytes <-> 51 pkts/3315 bytes][pktlen c2s avg(stddev)/entropy: 5.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 5.0(65.0)/0.0][bytes ratio: 0.01] diff --git a/tests/result/monero.pcap.out b/tests/result/monero.pcap.out index 5b31da22e..5c9595278 100644 --- a/tests/result/monero.pcap.out +++ b/tests/result/monero.pcap.out @@ -1,4 +1,4 @@ Mining 319 166676 2 - 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][PLAIN TEXT (method)] - 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][PLAIN TEXT (method)] + 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][pktlen c2s avg(stddev)/entropy: 4.5(900.3)/708.7][pktlen s2c avg(stddev)/entropy: 4.7(116.8)/98.8][bytes ratio: 0.83][PLAIN TEXT (method)] + 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][pktlen c2s avg(stddev)/entropy: 3.0(185.6)/394.9][pktlen s2c avg(stddev)/entropy: 4.3(254.9)/138.0][bytes ratio: -0.14][PLAIN TEXT (method)] diff --git a/tests/result/mpeg.pcap.out b/tests/result/mpeg.pcap.out index aa2a415fd..4643f0674 100644 --- a/tests/result/mpeg.pcap.out +++ b/tests/result/mpeg.pcap.out 
@@ -1,3 +1,3 @@ ntop 19 10643 1 - 1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Network/14][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org][PLAIN TEXT (GET /0.mp)] + 1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Network/14][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org][pktlen c2s avg(stddev)/entropy: 3.0(83.8)/46.2][pktlen s2c avg(stddev)/entropy: 2.9(988.9)/649.2][bytes ratio: -0.86][PLAIN TEXT (GET /0.mp)] diff --git a/tests/result/mpegts.pcap.out b/tests/result/mpegts.pcap.out index cda24f643..e6512f9d3 100644 --- a/tests/result/mpegts.pcap.out +++ b/tests/result/mpegts.pcap.out @@ -1,3 +1,3 @@ MPEG_TS 1 1362 1 - 1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes] + 1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(1362.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/msnms.pcap.out b/tests/result/msnms.pcap.out index e5c2177b1..153ffadb3 100644 --- a/tests/result/msnms.pcap.out +++ b/tests/result/msnms.pcap.out 
@@ -1,8 +1,8 @@ MSN 364 56503 6 - 1 TCP 192.168.1.14:1208 <-> 207.46.108.83:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7166 bytes <-> 48 pkts/9557 bytes][PLAIN TEXT (ANS 89 jujurius@msn.com 1115371)] - 2 TCP 192.168.1.14:1221 <-> 207.46.108.59:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7062 bytes <-> 40 pkts/7349 bytes][PLAIN TEXT (USR 178 OK jujurius@msn.com Jul)] - 3 TCP 192.168.1.14:1217 <-> 207.46.108.41:1863 [proto: 68/MSN][cat: Web/5][46 pkts/7655 bytes <-> 19 pkts/3761 bytes][PLAIN TEXT (IRO 131 1 1 cecile260992@hotmai)] - 4 TCP 192.168.1.14:1037 <-> 207.46.107.149:1863 [proto: 68/MSN][cat: Web/5][41 pkts/2425 bytes <-> 55 pkts/6426 bytes][PLAIN TEXT (RNG 17069658 207.46.108.83)] - 5 TCP 192.168.1.14:1220 <-> 207.46.108.150:1863 [proto: 68/MSN][cat: Web/5][2 pkts/163 bytes <-> 14 pkts/2737 bytes][PLAIN TEXT (IRO 176 1 1 cecile260992@hotmai)] - 6 TCP 192.168.1.14:1176 -> 207.46.108.39:1863 [proto: 68/MSN][cat: Web/5][13 pkts/2202 bytes -> 0 pkts/0 bytes][PLAIN TEXT (MSG 77 U 89)] + 1 TCP 192.168.1.14:1208 <-> 207.46.108.83:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7166 bytes <-> 48 pkts/9557 bytes][pktlen c2s avg(stddev)/entropy: 4.9(166.7)/60.6][pktlen s2c avg(stddev)/entropy: 5.0(199.1)/41.0][bytes ratio: -0.14][PLAIN TEXT (ANS 89 jujurius@msn.com 1115371)] + 2 TCP 192.168.1.14:1221 <-> 207.46.108.59:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7062 bytes <-> 40 pkts/7349 bytes][pktlen c2s avg(stddev)/entropy: 4.9(164.2)/46.3][pktlen s2c avg(stddev)/entropy: 4.9(183.7)/53.8][bytes ratio: -0.02][PLAIN TEXT (USR 178 OK jujurius@msn.com Jul)] + 3 TCP 192.168.1.14:1217 <-> 207.46.108.41:1863 [proto: 68/MSN][cat: Web/5][46 pkts/7655 bytes <-> 19 pkts/3761 bytes][pktlen c2s avg(stddev)/entropy: 4.9(166.4)/66.0][pktlen s2c avg(stddev)/entropy: 4.2(197.9)/53.3][bytes ratio: 0.34][PLAIN TEXT (IRO 131 1 1 cecile260992@hotmai)] + 4 TCP 192.168.1.14:1037 <-> 207.46.107.149:1863 [proto: 68/MSN][cat: Web/5][41 pkts/2425 bytes <-> 55 pkts/6426 bytes][pktlen c2s 
avg(stddev)/entropy: 5.0(59.1)/0.9][pktlen s2c avg(stddev)/entropy: 4.5(116.8)/113.0][bytes ratio: -0.45][PLAIN TEXT (RNG 17069658 207.46.108.83)] + 5 TCP 192.168.1.14:1220 <-> 207.46.108.150:1863 [proto: 68/MSN][cat: Web/5][2 pkts/163 bytes <-> 14 pkts/2737 bytes][pktlen c2s avg(stddev)/entropy: 0.9(81.5)/22.5][pktlen s2c avg(stddev)/entropy: 3.7(195.5)/61.1][bytes ratio: -0.89][PLAIN TEXT (IRO 176 1 1 cecile260992@hotmai)] + 6 TCP 192.168.1.14:1176 -> 207.46.108.39:1863 [proto: 68/MSN][cat: Web/5][13 pkts/2202 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.6(169.4)/78.7][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (MSG 77 U 89)] diff --git a/tests/result/mssql_tds.pcap.out b/tests/result/mssql_tds.pcap.out index 97a299281..7ffcc62b9 100644 --- a/tests/result/mssql_tds.pcap.out +++ b/tests/result/mssql_tds.pcap.out 
@@ -1,14 +1,14 @@ MsSQL-TDS 38 16260 12 - 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes] - 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes][PLAIN TEXT (first )] - 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes] - 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes] - 5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes] - 6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes] - 7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes] - 8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes][PLAIN TEXT (ABCDEFGHIJKLMNOPQ)] - 9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes] - 10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes] - 11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes] - 12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes] + 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.7(1245.3)/435.7][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes][pktlen c2s avg(stddev)/entropy: 
3.1(155.2)/89.6][pktlen s2c avg(stddev)/entropy: 2.4(217.3)/168.6][bytes ratio: 0.01][PLAIN TEXT (first )] + 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes][pktlen c2s avg(stddev)/entropy: 1.0(307.0)/51.0][pktlen s2c avg(stddev)/entropy: 0.7(262.0)/162.0][bytes ratio: 0.08] + 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(1136.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(425.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(374.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(322.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(272.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (ABCDEFGHIJKLMNOPQ)] + 9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(253.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(239.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes][pktlen c2s avg(stddev)/entropy: 0.0(98.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(71.0)/0.0][bytes ratio: 0.16] + 12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(142.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/nest_log_sink.pcap.out b/tests/result/nest_log_sink.pcap.out index ae68eecc8..fb62eaad1 100644 --- a/tests/result/nest_log_sink.pcap.out +++ b/tests/result/nest_log_sink.pcap.out 
@@ -1,17 +1,17 @@ DNS 15 1612 1 NestLogSink 759 116848 13 - 1 TCP 192.168.242.15:63342 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][37 pkts/14650 bytes <-> 35 pkts/4115 bytes][PLAIN TEXT (05CA02AC4414028)] - 2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][PLAIN TEXT (05CA02AC4414028)] - 3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][PLAIN TEXT (05CA02AC4414028)] - 4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][PLAIN TEXT (05CA02AC4414028)] - 5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][PLAIN TEXT (05CA02AC4414028)] - 6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][PLAIN TEXT (05CA02AC4414028)] - 7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][PLAIN TEXT (05CA02AC4414028)] - 8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][PLAIN TEXT (05CA02AC4414028)] - 9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][PLAIN TEXT (05CA02AC4414028)] - 10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes] - 11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][PLAIN TEXT (05CA02AC4414028)] - 12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][PLAIN TEXT 
(05CA02AC4414028)] - 13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][PLAIN TEXT (05CA02AC4414028)] - 14 UDP 192.168.242.15:52849 <-> 192.168.242.1:53 [proto: 5/DNS][cat: Network/14][8 pkts/713 bytes <-> 7 pkts/899 bytes][Host: weave-logsink.nest.com][PLAIN TEXT (logsink)] + 1 TCP 192.168.242.15:63342 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][37 pkts/14650 bytes <-> 35 pkts/4115 bytes][pktlen c2s avg(stddev)/entropy: 4.9(395.9)/191.9][pktlen s2c avg(stddev)/entropy: 5.0(117.6)/107.5][bytes ratio: 0.56][PLAIN TEXT (05CA02AC4414028)] + 2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][pktlen c2s avg(stddev)/entropy: 4.9(405.9)/185.3][pktlen s2c avg(stddev)/entropy: 5.0(117.5)/107.3][bytes ratio: 0.56][PLAIN TEXT (05CA02AC4414028)] + 3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][pktlen c2s avg(stddev)/entropy: 4.4(369.2)/204.4][pktlen s2c avg(stddev)/entropy: 4.2(121.5)/129.6][bytes ratio: 0.52][PLAIN TEXT (05CA02AC4414028)] + 4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][pktlen c2s avg(stddev)/entropy: 4.4(364.6)/204.5][pktlen s2c avg(stddev)/entropy: 4.2(121.5)/129.4][bytes ratio: 0.52][PLAIN TEXT (05CA02AC4414028)] + 5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][pktlen c2s avg(stddev)/entropy: 5.0(92.5)/96.8][pktlen s2c avg(stddev)/entropy: 5.0(91.0)/125.8][bytes ratio: 0.04][PLAIN TEXT (05CA02AC4414028)] + 6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][pktlen c2s avg(stddev)/entropy: 5.0(97.9)/105.0][pktlen s2c avg(stddev)/entropy: 
5.0(95.5)/136.5][bytes ratio: 0.05][PLAIN TEXT (05CA02AC4414028)] + 7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][pktlen c2s avg(stddev)/entropy: 4.7(107.5)/114.0][pktlen s2c avg(stddev)/entropy: 4.4(105.6)/150.6][bytes ratio: 0.06][PLAIN TEXT (05CA02AC4414028)] + 8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][pktlen c2s avg(stddev)/entropy: 4.3(116.2)/117.5][pktlen s2c avg(stddev)/entropy: 3.7(126.7)/180.8][bytes ratio: 0.03][PLAIN TEXT (05CA02AC4414028)] + 9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][pktlen c2s avg(stddev)/entropy: 3.7(147.5)/137.0][pktlen s2c avg(stddev)/entropy: 3.0(178.5)/222.5][bytes ratio: 0.03][PLAIN TEXT (05CA02AC4414028)] + 10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][pktlen c2s avg(stddev)/entropy: 5.0(61.3)/8.5][pktlen s2c avg(stddev)/entropy: 5.0(54.0)/0.0][bytes ratio: 0.08] + 11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][pktlen c2s avg(stddev)/entropy: 2.9(233.2)/216.6][pktlen s2c avg(stddev)/entropy: 2.5(138.9)/199.2][bytes ratio: 0.30][PLAIN TEXT (05CA02AC4414028)] + 12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][pktlen c2s avg(stddev)/entropy: 2.7(198.3)/195.5][pktlen s2c avg(stddev)/entropy: 2.5(139.0)/199.5][bytes ratio: 0.18][PLAIN TEXT (05CA02AC4414028)] + 13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][pktlen c2s avg(stddev)/entropy: 2.7(198.3)/195.5][pktlen s2c avg(stddev)/entropy: 2.5(138.9)/199.2][bytes ratio: 
0.18][PLAIN TEXT (05CA02AC4414028)] + 14 UDP 192.168.242.15:52849 <-> 192.168.242.1:53 [proto: 5/DNS][cat: Network/14][8 pkts/713 bytes <-> 7 pkts/899 bytes][Host: weave-logsink.nest.com][pktlen c2s avg(stddev)/entropy: 3.0(89.1)/9.2][pktlen s2c avg(stddev)/entropy: 2.8(128.4)/35.1][bytes ratio: -0.12][PLAIN TEXT (logsink)] diff --git a/tests/result/netflix.pcap.out b/tests/result/netflix.pcap.out index bf05cc4c3..7d4577f9e 100644 --- a/tests/result/netflix.pcap.out +++ b/tests/result/netflix.pcap.out 
@@ -9,64 +9,64 @@ JA3 Host Stats: 1 192.168.1.7 4 - 1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Host: 23.246.11.141][PLAIN TEXT (oMrLRiWL2)] - 2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Host: 23.246.3.140][PLAIN TEXT (oMrLRiWL)] - 3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Host: 23.246.11.133][PLAIN TEXT (oMrLRiWL1)] - 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Host: tp.akam.nflximg.com][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)] - 5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][TLSv1.2][client: art-s.nflximg.net][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: secure.cdn.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] - 6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Host: 23.246.11.141][PLAIN TEXT (oMrLRiWL2)] - 7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Host: art-2.nflximg.net][PLAIN TEXT (GET /5758)] - 8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][46 pkts/50218 
bytes <-> 25 pkts/7943 bytes][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2040 bytes <-> 34 pkts/45136 bytes][PLAIN TEXT (GET /range/0)] - 11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][PLAIN TEXT (GET /range/0)] - 12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Host: art-2.nflximg.net][PLAIN TEXT (GET /af)] - 13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][PLAIN TEXT (GET /range/0)] - 14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Host: art-1.nflximg.net][PLAIN TEXT (GET /8b)] - 16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][PLAIN TEXT (czGET /range/0)] - 17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Host: art-1.nflximg.net][PLAIN TEXT (GET /4e)] - 18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Host: appboot.netflix.com][PLAIN TEXT (POST 
/appboot/NFAPPL)] - 19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][PLAIN TEXT (GET /range/0)] - 20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][PLAIN TEXT (GET /range/0)] - 21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][PLAIN TEXT (GET /range/0)] - 22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: d8bfad189bd26664e04570c104ee8418][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][PLAIN TEXT (fGET /range/0)] - 24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][PLAIN TEXT (GET /range/0)] - 25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][PLAIN TEXT (GET /range/0)] - 26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][PLAIN TEXT (GET /range/0)] - 27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][25 pkts/5934 bytes <-> 27 pkts/19952 
bytes][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][PLAIN TEXT (GET /range/0)] - 30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][PLAIN TEXT (GET /range/0)] - 31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][PLAIN TEXT (GET /range/0)] - 32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Host: api-global.netflix.com][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)] - 34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 
7.133/HTTP.NetFlix][cat: Video/26][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Host: art-2.nflximg.net][PLAIN TEXT (GET /87)] - 37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 
91.133/TLS.NetFlix][cat: Video/26][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] - 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 
bytes][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] - 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] - 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Host: ichnaea.geo.netflix.com][PLAIN TEXT (ichnaea)] - 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com][PLAIN TEXT (global)] - 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com][PLAIN TEXT (global)] - 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Host: ichnaea.us-west-2.prodaa.netflix.com][PLAIN TEXT (ichnaea)] - 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Host: appboot.netflix.com][PLAIN TEXT (appboot)] - 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Host: artwork.akam.nflximg.net][PLAIN TEXT (artwork)] - 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Host: sha2.san.akam.nflximg.net][PLAIN TEXT (akamaiedge)] - 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Host: a1907.dscg.akamai.net][PLAIN TEXT (akamai)] - 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Host: a803.dscg.akamai.net][PLAIN TEXT (akamai)] - 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/TLS.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] - 61 IGMP 
192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Host: 23.246.11.141][pktlen c2s avg(stddev)/entropy: 5.0(75.7)/68.6][pktlen s2c avg(stddev)/entropy: 5.0(1500.3)/116.2][bytes ratio: -0.95][PLAIN TEXT (oMrLRiWL2)] + 2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Host: 23.246.3.140][pktlen c2s avg(stddev)/entropy: 4.6(80.3)/81.4][pktlen s2c avg(stddev)/entropy: 5.0(1493.7)/139.9][bytes ratio: -0.94][PLAIN TEXT (oMrLRiWL)] + 3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Host: 23.246.11.133][pktlen c2s avg(stddev)/entropy: 4.6(79.1)/78.6][pktlen s2c avg(stddev)/entropy: 4.9(1487.1)/167.2][bytes ratio: -0.94][PLAIN TEXT (oMrLRiWL1)] + 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Host: tp.akam.nflximg.com][pktlen c2s avg(stddev)/entropy: 5.0(78.6)/20.9][pktlen s2c avg(stddev)/entropy: 5.0(1498.7)/140.2][bytes ratio: -0.97][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)] + 5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][pktlen c2s avg(stddev)/entropy: 4.9(87.0)/38.8][pktlen s2c avg(stddev)/entropy: 4.8(1379.1)/401.2][bytes ratio: -0.93][TLSv1.2][client: art-s.nflximg.net][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: secure.cdn.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] + 6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Host: 23.246.11.141][pktlen c2s 
avg(stddev)/entropy: 4.6(88.1)/100.4][pktlen s2c avg(stddev)/entropy: 5.0(1463.8)/228.0][bytes ratio: -0.92][PLAIN TEXT (oMrLRiWL2)] + 7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Host: art-2.nflximg.net][pktlen c2s avg(stddev)/entropy: 5.0(85.3)/38.3][pktlen s2c avg(stddev)/entropy: 5.0(1455.7)/273.5][bytes ratio: -0.95][PLAIN TEXT (GET /5758)] + 8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][pktlen c2s avg(stddev)/entropy: 3.9(413.7)/553.3][pktlen s2c avg(stddev)/entropy: 4.2(588.1)/593.8][bytes ratio: -0.16][TLSv1.2][client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][pktlen c2s avg(stddev)/entropy: 4.8(1091.7)/614.5][pktlen s2c avg(stddev)/entropy: 3.5(317.7)/491.5][bytes ratio: 0.73][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2040 bytes <-> 34 pkts/45136 bytes][pktlen c2s avg(stddev)/entropy: 4.3(85.0)/70.8][pktlen s2c avg(stddev)/entropy: 4.9(1327.5)/457.1][bytes ratio: -0.91][PLAIN TEXT (GET /range/0)] + 11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][pktlen c2s avg(stddev)/entropy: 4.1(89.0)/74.7][pktlen s2c avg(stddev)/entropy: 4.9(1327.6)/456.9][bytes ratio: -0.92][PLAIN TEXT (GET /range/0)] + 12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 
[proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Host: art-2.nflximg.net][pktlen c2s avg(stddev)/entropy: 4.8(93.3)/58.6][pktlen s2c avg(stddev)/entropy: 4.9(1378.5)/421.3][bytes ratio: -0.88][PLAIN TEXT (GET /af)] + 13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][pktlen c2s avg(stddev)/entropy: 4.1(87.0)/75.3][pktlen s2c avg(stddev)/entropy: 4.9(1349.3)/442.6][bytes ratio: -0.92][PLAIN TEXT (GET /range/0)] + 14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][pktlen c2s avg(stddev)/entropy: 3.7(210.9)/376.2][pktlen s2c avg(stddev)/entropy: 4.7(964.4)/637.4][bytes ratio: -0.71][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Host: art-1.nflximg.net][pktlen c2s avg(stddev)/entropy: 3.4(101.8)/64.1][pktlen s2c avg(stddev)/entropy: 4.8(1414.4)/365.9][bytes ratio: -0.94][PLAIN TEXT (GET /8b)] + 16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][pktlen c2s avg(stddev)/entropy: 4.7(83.7)/62.8][pktlen s2c avg(stddev)/entropy: 4.7(1294.6)/489.1][bytes ratio: -0.87][PLAIN TEXT (czGET /range/0)] + 17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Host: art-1.nflximg.net][pktlen c2s avg(stddev)/entropy: 3.7(97.4)/80.8][pktlen s2c avg(stddev)/entropy: 4.5(1336.5)/428.1][bytes ratio: -0.91][PLAIN TEXT (GET /4e)] + 18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][15 
pkts/3626 bytes <-> 26 pkts/29544 bytes][Host: appboot.netflix.com][pktlen c2s avg(stddev)/entropy: 2.7(241.7)/404.6][pktlen s2c avg(stddev)/entropy: 4.4(1136.3)/584.3][bytes ratio: -0.78][PLAIN TEXT (POST /appboot/NFAPPL)] + 19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][pktlen c2s avg(stddev)/entropy: 4.8(82.8)/61.0][pktlen s2c avg(stddev)/entropy: 4.4(1202.6)/563.7][bytes ratio: -0.83][PLAIN TEXT (GET /range/0)] + 20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][pktlen c2s avg(stddev)/entropy: 4.3(85.0)/71.0][pktlen s2c avg(stddev)/entropy: 4.4(1202.6)/563.7][bytes ratio: -0.87][PLAIN TEXT (GET /range/0)] + 21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][pktlen c2s avg(stddev)/entropy: 4.7(82.9)/62.5][pktlen s2c avg(stddev)/entropy: 4.3(1274.6)/516.6][bytes ratio: -0.83][PLAIN TEXT (GET /range/0)] + 22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][pktlen c2s avg(stddev)/entropy: 3.3(290.2)/441.6][pktlen s2c avg(stddev)/entropy: 4.3(895.3)/626.2][bytes ratio: -0.57][TLSv1.2][client: api-global.netflix.com][JA3C: d8bfad189bd26664e04570c104ee8418][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][pktlen c2s avg(stddev)/entropy: 4.8(80.4)/62.4][pktlen s2c avg(stddev)/entropy: 4.2(1159.2)/602.9][bytes ratio: -0.82][PLAIN TEXT (fGET /range/0)] + 24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][pktlen c2s avg(stddev)/entropy: 
5.0(84.2)/58.1][pktlen s2c avg(stddev)/entropy: 4.2(1212.1)/550.7][bytes ratio: -0.79][PLAIN TEXT (GET /range/0)] + 25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][pktlen c2s avg(stddev)/entropy: 4.8(84.2)/60.5][pktlen s2c avg(stddev)/entropy: 4.2(1212.2)/550.7][bytes ratio: -0.80][PLAIN TEXT (GET /range/0)] + 26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][pktlen c2s avg(stddev)/entropy: 4.7(85.1)/63.5][pktlen s2c avg(stddev)/entropy: 4.2(1159.5)/589.6][bytes ratio: -0.82][PLAIN TEXT (GET /range/0)] + 27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][pktlen c2s avg(stddev)/entropy: 4.1(810.9)/699.9][pktlen s2c avg(stddev)/entropy: 2.8(308.7)/492.9][bytes ratio: 0.62][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][pktlen c2s avg(stddev)/entropy: 3.4(237.4)/406.7][pktlen s2c avg(stddev)/entropy: 4.3(739.0)/541.9][bytes ratio: -0.54][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][pktlen c2s avg(stddev)/entropy: 5.0(83.4)/58.9][pktlen s2c avg(stddev)/entropy: 4.0(1180.4)/569.7][bytes ratio: -0.77][PLAIN TEXT (GET /range/0)] + 30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2879 bytes <-> 20 pkts/22373 
bytes][pktlen c2s avg(stddev)/entropy: 4.8(84.7)/60.1][pktlen s2c avg(stddev)/entropy: 4.0(1118.7)/613.7][bytes ratio: -0.77][PLAIN TEXT (GET /range/0)] + 31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][pktlen c2s avg(stddev)/entropy: 4.7(87.0)/63.5][pktlen s2c avg(stddev)/entropy: 4.0(1121.1)/610.6][bytes ratio: -0.79][PLAIN TEXT (GET /range/0)] + 32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][pktlen c2s avg(stddev)/entropy: 3.4(485.7)/602.5][pktlen s2c avg(stddev)/entropy: 3.0(490.6)/610.3][bytes ratio: 0.15][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Host: api-global.netflix.com][pktlen c2s avg(stddev)/entropy: 3.0(714.4)/676.3][pktlen s2c avg(stddev)/entropy: 2.6(500.3)/651.2][bytes ratio: 0.21][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)] + 34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][pktlen c2s avg(stddev)/entropy: 3.0(314.5)/477.1][pktlen s2c avg(stddev)/entropy: 2.9(696.8)/667.4][bytes ratio: -0.23][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][pktlen c2s avg(stddev)/entropy: 3.3(274.0)/437.3][pktlen s2c avg(stddev)/entropy: 3.1(414.4)/546.1][bytes ratio: -0.11][TLSv1.2][client: 
api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Host: art-2.nflximg.net][pktlen c2s avg(stddev)/entropy: 3.0(94.1)/72.5][pktlen s2c avg(stddev)/entropy: 3.1(1119.8)/643.7][bytes ratio: -0.86][PLAIN TEXT (GET /87)] + 37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][pktlen c2s avg(stddev)/entropy: 3.1(382.0)/559.0][pktlen s2c avg(stddev)/entropy: 2.8(327.2)/501.4][bytes ratio: 0.19][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][pktlen c2s avg(stddev)/entropy: 3.1(399.4)/568.6][pktlen s2c avg(stddev)/entropy: 2.7(342.7)/514.1][bytes ratio: 0.19][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][pktlen c2s avg(stddev)/entropy: 2.9(325.2)/478.5][pktlen s2c avg(stddev)/entropy: 2.7(386.1)/534.2][bytes ratio: 0.01][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 
[proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][pktlen c2s avg(stddev)/entropy: 2.6(430.4)/532.6][pktlen s2c avg(stddev)/entropy: 2.4(507.4)/591.2][bytes ratio: 0.01][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][pktlen c2s avg(stddev)/entropy: 3.9(145.3)/131.7][pktlen s2c avg(stddev)/entropy: 3.0(389.6)/519.8][bytes ratio: -0.34][TLSv1.2][client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][pktlen c2s avg(stddev)/entropy: 2.6(222.1)/382.1][pktlen s2c avg(stddev)/entropy: 2.5(465.4)/579.1][bytes ratio: -0.24][TLSv1.2][client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][pktlen c2s avg(stddev)/entropy: 2.6(253.4)/421.8][pktlen s2c avg(stddev)/entropy: 2.5(423.0)/511.9][bytes ratio: -0.13][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][pktlen c2s avg(stddev)/entropy: 
3.7(103.6)/78.3][pktlen s2c avg(stddev)/entropy: 2.6(417.1)/548.0][bytes ratio: -0.50][TLSv1.2][client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][organization: Netflix, Inc.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][pktlen c2s avg(stddev)/entropy: 2.3(283.0)/419.0][pktlen s2c avg(stddev)/entropy: 1.9(354.9)/412.7][bytes ratio: 0.07][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][pktlen c2s avg(stddev)/entropy: 3.3(107.8)/83.5][pktlen s2c avg(stddev)/entropy: 2.1(215.4)/296.5][bytes ratio: -0.14][TLSv1.2][client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.0(165.5)/1.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com][pktlen c2s avg(stddev)/entropy: 1.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(323.0)/48.0][bytes ratio: -0.60][PLAIN TEXT (netflix)] + 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com][pktlen c2s avg(stddev)/entropy: 1.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(323.0)/48.0][bytes ratio: -0.60][PLAIN TEXT (netflix)] + 50 UDP 
192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Host: ios.nccp.netflix.com][pktlen c2s avg(stddev)/entropy: 0.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(371.0)/0.0][bytes ratio: -0.65][PLAIN TEXT (netflix)] + 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Host: ichnaea.geo.netflix.com][pktlen c2s avg(stddev)/entropy: 0.0(83.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(248.0)/0.0][bytes ratio: -0.50][PLAIN TEXT (ichnaea)] + 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com][pktlen c2s avg(stddev)/entropy: 0.0(97.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(225.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (global)] + 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com][pktlen c2s avg(stddev)/entropy: 0.0(97.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(225.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (global)] + 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Host: ichnaea.us-west-2.prodaa.netflix.com][pktlen c2s avg(stddev)/entropy: 0.0(96.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(224.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (ichnaea)] + 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Host: appboot.netflix.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(192.0)/0.0][bytes ratio: -0.42][PLAIN TEXT (appboot)] + 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Host: artwork.akam.nflximg.net][pktlen c2s avg(stddev)/entropy: 0.0(84.0)/0.0][pktlen 
s2c avg(stddev)/entropy: 0.0(148.0)/0.0][bytes ratio: -0.28][PLAIN TEXT (artwork)] + 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Host: sha2.san.akam.nflximg.net][pktlen c2s avg(stddev)/entropy: 0.0(85.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(137.0)/0.0][bytes ratio: -0.23][PLAIN TEXT (akamaiedge)] + 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Host: a1907.dscg.akamai.net][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(113.0)/0.0][bytes ratio: -0.16][PLAIN TEXT (akamai)] + 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Host: a803.dscg.akamai.net][pktlen c2s avg(stddev)/entropy: 0.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(112.0)/0.0][bytes ratio: -0.17][PLAIN TEXT (akamai)] + 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/TLS.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(63.0)/3.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index 903ae840f..fd3f4545b 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out 
@@ -7,24 +7,24 @@ JA3 Host Stats: 1 192.168.12.114 1 - 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][PLAIN TEXT (pluHnq)] - 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes] - 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][PLAIN TEXT (FutwCa)] - 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 64.178/TLS_No_Cert.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes] - 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][TLSv1.2][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Nintendo Co., Ltd.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][TLSv1.2][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Nintendo Co., Ltd.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes] - 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes] - 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes] - 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes] - 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 
5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net][PLAIN TEXT (nintendo)] - 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes] - 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes] - 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)] - 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)] - 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NATTestId)] - 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes] - 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes] + 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][pktlen c2s avg(stddev)/entropy: 4.9(363.4)/191.2][pktlen s2c avg(stddev)/entropy: 5.0(454.2)/117.7][bytes ratio: -0.35][PLAIN TEXT (pluHnq)] + 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][pktlen c2s 
avg(stddev)/entropy: 5.0(396.2)/210.0][pktlen s2c avg(stddev)/entropy: 4.7(143.6)/128.5][bytes ratio: 0.81] + 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][pktlen c2s avg(stddev)/entropy: 5.0(381.0)/192.7][pktlen s2c avg(stddev)/entropy: 4.7(138.6)/123.7][bytes ratio: 0.80][PLAIN TEXT (FutwCa)] + 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 64.178/TLS_No_Cert.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][pktlen c2s avg(stddev)/entropy: 4.7(131.4)/85.6][pktlen s2c avg(stddev)/entropy: 3.7(201.1)/219.4][bytes ratio: 0.05] + 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][pktlen c2s avg(stddev)/entropy: 2.5(263.5)/387.3][pktlen s2c avg(stddev)/entropy: 2.4(486.5)/570.3][bytes ratio: -0.25][TLSv1.2][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Nintendo Co., Ltd.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][pktlen c2s avg(stddev)/entropy: 2.3(283.3)/400.9][pktlen s2c avg(stddev)/entropy: 2.4(486.6)/570.5][bytes ratio: -0.26][TLSv1.2][client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Nintendo Co., Ltd.][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][pktlen c2s avg(stddev)/entropy: 4.5(116.6)/27.1][pktlen s2c avg(stddev)/entropy: 3.4(213.0)/243.3][bytes ratio: -0.12] + 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: 
Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][pktlen c2s avg(stddev)/entropy: 2.9(128.0)/40.7][pktlen s2c avg(stddev)/entropy: 2.9(128.0)/40.7][bytes ratio: 0.00] + 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes][pktlen c2s avg(stddev)/entropy: 2.9(130.0)/39.8][pktlen s2c avg(stddev)/entropy: 2.7(131.7)/42.3][bytes ratio: 0.06] + 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.4(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net][pktlen c2s avg(stddev)/entropy: 2.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.0(100.0)/8.0][bytes ratio: -0.04][PLAIN TEXT (nintendo)] + 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(730.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.3(58.0)/0.0][bytes ratio: 0.00] + 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][pktlen c2s avg(stddev)/entropy: 0.0(110.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(281.0)/0.0][bytes ratio: -0.44][PLAIN TEXT (fb203858ebc)] + 16 UDP 
192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][pktlen c2s avg(stddev)/entropy: 0.0(110.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(281.0)/0.0][bytes ratio: -0.44][PLAIN TEXT (fb203858ebc)] + 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(118.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(106.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NATTestId)] + 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(298.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 0.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.00] diff --git a/tests/result/ocs.pcap.out b/tests/result/ocs.pcap.out index 7354137cb..b40a2a29f 100644 --- a/tests/result/ocs.pcap.out +++ b/tests/result/ocs.pcap.out 
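Review bot: The new `pktlen ... avg(stddev)/entropy` field in this baseline does not carry its values in the order the label names. Flow 8 of this hunk is 8 pkts/1024 bytes and prints `2.9(128.0)/40.7`; 128.0 (1024/8) is the mean but sits in the stddev slot, so the output is really entropy(avg)/stddev. Either the label or the argument order in the printing code should be fixed before these baselines are frozen, so that the expected field reads `[pktlen c2s avg(stddev)/entropy: 128.0(40.7)/2.9]`; anyone using these per-flow statistics for traffic classification would otherwise misread them. Directions with no packets print `0.0(nan)/0.0` (flow 10 here), which suggests the average divides by a zero sample count and ties the expected output to how the platform's printf renders NaN; returning 0 for an empty series would avoid both. The same label order appears in the ocs, ookla and openvpn hunks that follow, and the `nan` case in the ocs hunk.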
@@ -12,26 +12,26 @@ JA3 Host Stats: 1 192.168.180.2 4 - 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][PLAIN TEXT (POST /catalog/vod)] - 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][TLSv1][client: ocs.labgency.ws][JA3C: 0534a22b266a64a5cc9a90f7b5c483cc] - 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr][PLAIN TEXT (GET /data)] - 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/TLS.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][TLSv1][client: settings.crashlytics.com][JA3C: b030dba3ca09e2e484b9fa75adc4039c] - 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][TLSv1.2][client: mtalk.google.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1] - 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/TLS.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] - 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] - 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][PLAIN TEXT (POST /catalog/vod)] - 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7.7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (GET /ip)] - 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7.7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (GET /xmpp)] - 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 
bytes] - 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com][PLAIN TEXT (device06)] - 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com][PLAIN TEXT (android)] - 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com][PLAIN TEXT (settings)] - 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (capptain)] - 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com][PLAIN TEXT (googleapis)] - 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][PLAIN TEXT (labgency)] - 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws][PLAIN TEXT (labgency)] - 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] + 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][pktlen c2s avg(stddev)/entropy: 5.0(59.6)/25.1][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (POST /catalog/vod)] + 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.4(304.5)/368.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][TLSv1][client: ocs.labgency.ws][JA3C: 0534a22b266a64a5cc9a90f7b5c483cc] + 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 
7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr][pktlen c2s avg(stddev)/entropy: 4.9(65.2)/23.6][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /data)] + 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/TLS.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(135.8)/253.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][TLSv1][client: settings.crashlytics.com][JA3C: b030dba3ca09e2e484b9fa75adc4039c] + 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(184.3)/339.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][TLSv1.2][client: mtalk.google.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1] + 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/TLS.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.9(134.0)/165.6][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] + 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(111.4)/106.3][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] + 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][pktlen c2s avg(stddev)/entropy: 1.4(182.0)/287.1][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (POST /catalog/vod)] + 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7.7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][pktlen c2s avg(stddev)/entropy: 2.7(77.1)/37.3][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 
1.00][PLAIN TEXT (GET /ip)] + 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7.7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][pktlen c2s avg(stddev)/entropy: 2.3(79.8)/58.7][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /xmpp)] + 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (device06)] + 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (android)] + 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (settings)] + 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (capptain)] + 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com][pktlen c2s avg(stddev)/entropy: 0.0(65.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (googleapis)] + 17 UDP 192.168.180.2:38472 
-> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][pktlen c2s avg(stddev)/entropy: 0.0(63.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (labgency)] + 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws][pktlen c2s avg(stddev)/entropy: 0.0(61.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (labgency)] + 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr][pktlen c2s avg(stddev)/entropy: 0.0(56.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] Undetected flows: - 1 TCP 192.168.180.2:46166 -> 137.135.131.52:5122 [proto: 0/Unknown][6 pkts/360 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.180.2:46166 -> 137.135.131.52:5122 [proto: 0/Unknown][6 pkts/360 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/ookla.pcap.out b/tests/result/ookla.pcap.out index 3b67c5883..58423d35f 100644 --- a/tests/result/ookla.pcap.out +++ b/tests/result/ookla.pcap.out 
@@ -1,4 +1,4 @@ Ookla 5086 4689745 2 - 1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][PLAIN TEXT ( 6HELLO 2.4 2016)] - 2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 191/Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)] + 1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][pktlen c2s avg(stddev)/entropy: 4.8(468.9)/642.3][pktlen s2c avg(stddev)/entropy: 5.0(1275.5)/526.9][bytes ratio: -0.56][PLAIN TEXT ( 6HELLO 2.4 2016)] + 2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 191/Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][pktlen c2s avg(stddev)/entropy: 3.0(186.5)/168.4][pktlen s2c avg(stddev)/entropy: 2.6(260.2)/194.4][bytes ratio: 0.04][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)] diff --git a/tests/result/openvpn.pcap.out b/tests/result/openvpn.pcap.out index 9099d8a58..490c3ad6a 100644 --- a/tests/result/openvpn.pcap.out +++ b/tests/result/openvpn.pcap.out 
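Review bot: The new expected lines in this hunk record the packet-length statistics under the wrong labels: for flow 1 the figure in the `(stddev)` slot is 468.9, which is exactly 1032520 bytes / 2202 pkts, i.e. the mean, not the deviation. The values appear to be shifted by one position against `avg(stddev)/entropy`, so the baseline would read `[pktlen c2s avg(stddev)/entropy: 468.9(642.3)/4.8]` once the printing code passes average, stddev and entropy in label order. This assumes 642.3 is the deviation and 4.8 the entropy, which should be confirmed. The same shift is visible in the openvpn.pcap.out hunk (11508/62 = 185.6 sits in the stddev slot) and in the pps.pcap.out expectations. Those neighbouring files also record `0.0(nan)/0.0` for directions with 0 packets, which suggests an unguarded division by a zero sample count; an empty direction should print 0.0 or be omitted, so that parsers of this output never see `nan`. Regenerate these result files after fixing the printer, since anyone using the entropy and stddev fields for traffic classification would otherwise be reading the wrong statistic.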
@@ -1,5 +1,5 @@ OpenVPN 298 57111 3 - 1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][PLAIN TEXT (160727093158Z)] - 2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][PLAIN TEXT (160630002150Z)] - 3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][PLAIN TEXT (160727093158Z)] + 1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][pktlen c2s avg(stddev)/entropy: 4.8(185.6)/193.0][pktlen s2c avg(stddev)/entropy: 4.4(287.3)/325.0][bytes ratio: -0.18][PLAIN TEXT (160727093158Z)] + 2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][pktlen c2s avg(stddev)/entropy: 4.2(170.8)/235.8][pktlen s2c avg(stddev)/entropy: 4.9(154.2)/63.3][bytes ratio: -0.02][PLAIN TEXT (160630002150Z)] + 3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][pktlen c2s avg(stddev)/entropy: 4.4(160.4)/192.4][pktlen s2c avg(stddev)/entropy: 5.0(167.6)/31.3][bytes ratio: 0.16][PLAIN TEXT (160727093158Z)] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index c8c26b57d..c2e345369 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out 
@@ -4,113 +4,113 @@ SSDP 63 17143 10 Google 2 1093 1 GenericProtocol 1429 1780307 49 - 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)] - 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)] - 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/downloade)] - 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66][PLAIN TEXT (GET /videos/v)] - 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com][PLAIN TEXT (POST /bc2 HTTP/1.1)] - 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )] - 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com][PLAIN TEXT (GET /vi/500494600/562)] - 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)] - 11 TCP 192.168.115.8:50488 <-> 
223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com][PLAIN TEXT (GET /20160625/a)] - 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /track2)] - 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /track2)] - 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)] - 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com][PLAIN TEXT (GET /clk)] - 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /2efc)] - 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)] - 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 
[proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66][PLAIN TEXT (GET /videos/v)] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com][PLAIN TEXT (GET /mkt.gif)] - 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)] - 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)] - 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/downloadh)] - 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 33 TCP 192.168.115.8:50500 <-> 
23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com][PLAIN TEXT (GET /pca3)] - 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)] - 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)] - 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /ccs HTTP/1.1)] - 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][PLAIN TEXT (GET /tmpstats.gif)] - 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: 
pdata.video.qiyi.com][PLAIN TEXT (GET /2efc)] - 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com][PLAIN TEXT (GET /andc)] - 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)] - 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/composite/ap)] - 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com][PLAIN TEXT (GET /cityjson HTTP/1.1)] - 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/index.php/To)] - 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: 
Media/1][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)] - 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /k HTTP/1.1)] - 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][PLAIN TEXT (GET /apis/urc/setrc)] - 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][PLAIN TEXT (GET /apis/urc/setrc)] - 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)] - 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/Q)] - 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)] - 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)] - 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][PLAIN TEXT (GET /tmpstats.gif)] - 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 66 UDP 
192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 302 Found)] - 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)] - 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] - 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com][pktlen c2s avg(stddev)/entropy: 0.0(303.0)/0.0][pktlen s2c avg(stddev)/entropy: 5.0(1312.5)/34.0][bytes ratio: -1.00][PLAIN TEXT (GET /preimage/20160506/f0/1)] + 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com][pktlen c2s avg(stddev)/entropy: 0.0(303.0)/0.0][pktlen s2c avg(stddev)/entropy: 5.0(1311.9)/49.3][bytes ratio: -1.00][PLAIN TEXT (GET /preimage/20160506/f0/1)] + 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com][pktlen c2s 
avg(stddev)/entropy: 1.0(200.0)/2.0][pktlen s2c avg(stddev)/entropy: 5.0(1310.0)/50.0][bytes ratio: -1.00][PLAIN TEXT (GET /ext/common/qisu2/downloade)] + 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66][pktlen c2s avg(stddev)/entropy: 0.0(426.0)/0.0][pktlen s2c avg(stddev)/entropy: 4.7(1302.8)/56.2][bytes ratio: -0.98][PLAIN TEXT (GET /videos/v)] + 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com][pktlen c2s avg(stddev)/entropy: 3.3(1002.1)/433.8][pktlen s2c avg(stddev)/entropy: 3.6(1239.1)/214.6][bytes ratio: -0.15][PLAIN TEXT (POST /bc2 HTTP/1.1)] + 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.2(518.2)/30.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NOTIFY )] + 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(656.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.0(974.2)/179.7][bytes ratio: -0.71][PLAIN TEXT (GET /vi/500494600/562)] + 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 1.6(948.0)/2.8][pktlen s2c avg(stddev)/entropy: 1.6(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][pktlen c2s avg(stddev)/entropy: 1.5(738.2)/576.6][pktlen s2c avg(stddev)/entropy: 0.0(356.0)/0.0][bytes ratio: 0.78][PLAIN TEXT (HTTP/1.1 200 OK)] + 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][4 pkts/800 bytes <-> 4 
pkts/2112 bytes][Host: static.qiyi.com][pktlen c2s avg(stddev)/entropy: 2.0(200.0)/1.6][pktlen s2c avg(stddev)/entropy: 2.0(528.0)/1.6][bytes ratio: -0.45][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)] + 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(311.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(1017.5)/296.5][bytes ratio: -0.73][PLAIN TEXT (GET /20160625/a)] + 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 1.0(949.0)/3.0][pktlen s2c avg(stddev)/entropy: 1.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 1.0(946.5)/0.5][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.81][PLAIN TEXT (GET /cp)] + 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.6(777.5)/536.5][pktlen s2c avg(stddev)/entropy: 0.0(306.0)/0.0][bytes ratio: 0.67][PLAIN TEXT (GET /track2)] + 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.6(777.5)/536.5][pktlen s2c avg(stddev)/entropy: 0.0(306.0)/0.0][bytes ratio: 0.67][PLAIN TEXT (GET /track2)] + 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.4(719.0)/595.0][pktlen s2c avg(stddev)/entropy: 0.0(194.0)/0.0][bytes 
ratio: 0.76][PLAIN TEXT (GET /b)] + 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(171.0)/4.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com][pktlen c2s avg(stddev)/entropy: 0.0(707.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(744.0)/0.0][bytes ratio: -0.03][PLAIN TEXT (GET /clk)] + 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(389.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(517.0)/0.0][bytes ratio: -0.45][PLAIN TEXT (GET /2efc)] + 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(1186.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(194.0)/0.0][bytes ratio: 0.72][PLAIN TEXT (GET /b)] + 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66][pktlen c2s avg(stddev)/entropy: 1.0(443.5)/13.5][pktlen s2c avg(stddev)/entropy: 0.0(443.0)/0.0][bytes ratio: 0.33][PLAIN TEXT (GET /videos/v)] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com][pktlen c2s avg(stddev)/entropy: 0.0(1004.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.7(150.5)/90.5][bytes ratio: 0.54][PLAIN TEXT (GET /mkt.gif)] + 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(1097.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.69][PLAIN TEXT (GET /b)] + 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(1100.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(194.0)/0.0][bytes ratio: 0.70][PLAIN TEXT (GET /b)] + 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(212.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(1063.0)/0.0][bytes ratio: -0.67][PLAIN TEXT (GET /ext/common/qisu2/downloadh)] + 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(947.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(947.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(946.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 
pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(946.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(944.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /core)] + 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(941.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.65][PLAIN TEXT (GET /cp)] + 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com][pktlen c2s avg(stddev)/entropy: 0.0(289.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(839.0)/0.0][bytes ratio: -0.49][PLAIN TEXT (GET /pca3)] + 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(919.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.64][PLAIN TEXT (GET /core)] + 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com][pktlen c2s avg(stddev)/entropy: 0.0(280.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(813.0)/0.0][bytes ratio: -0.49][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)] + 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(179.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 
bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(946.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /cp)] + 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(604.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(291.0)/0.0][bytes ratio: 0.35][PLAIN TEXT (GET /ccs HTTP/1.1)] + 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(694.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.55][PLAIN TEXT (GET /tmpstats.gif)] + 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(683.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.55][PLAIN TEXT (GET /core)] + 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(175.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/357 
bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(357.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(479.0)/0.0][bytes ratio: -0.15][PLAIN TEXT (GET /2efc)] + 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(629.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.52][PLAIN TEXT (GET /core)] + 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(622.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.52][PLAIN TEXT (GET /core)] + 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(614.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.51][PLAIN TEXT (GET /core)] + 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(587.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.49][PLAIN TEXT (GET /core)] + 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(573.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.48][PLAIN TEXT (GET /core)] + 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com][pktlen c2s avg(stddev)/entropy: 0.0(444.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(283.0)/0.0][bytes ratio: 0.22][PLAIN TEXT (GET /andc)] + 51 TCP 192.168.115.8:50768 <-> 
223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(198.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(526.0)/0.0][bytes ratio: -0.45][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)] + 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][pktlen c2s avg(stddev)/entropy: 0.0(331.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(390.0)/0.0][bytes ratio: -0.08][PLAIN TEXT (GET /comMagicanApi/composite/ap)] + 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(163.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.5(278.5)/218.5][bytes ratio: -0.55][PLAIN TEXT (GET /cityjson HTTP/1.1)] + 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][pktlen c2s avg(stddev)/entropy: 0.0(323.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(390.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (GET /comMagicanApi/index.php/To)] + 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(198.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(493.0)/0.0][bytes ratio: -0.43][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)] + 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(683.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /core)] + 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: 
pdata.video.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(253.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(430.0)/0.0][bytes ratio: -0.26][PLAIN TEXT (GET /k HTTP/1.1)] + 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(399.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(275.0)/0.0][bytes ratio: 0.18][PLAIN TEXT (GET /apis/urc/setrc)] + 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(399.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(275.0)/0.0][bytes ratio: 0.18][PLAIN TEXT (GET /apis/urc/setrc)] + 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(424.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(194.0)/0.0][bytes ratio: 0.37][PLAIN TEXT (GET /b)] + 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(198.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(420.0)/0.0][bytes ratio: -0.36][PLAIN TEXT (GET /ext/common/qisu2/Q)] + 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][pktlen c2s avg(stddev)/entropy: 0.0(417.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.35][PLAIN TEXT (GET /core)] + 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(394.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(194.0)/0.0][bytes ratio: 0.34][PLAIN TEXT (GET /b)] 
+ 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][pktlen c2s avg(stddev)/entropy: 0.0(264.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(199.0)/0.0][bytes ratio: 0.14][PLAIN TEXT (GET /tmpstats.gif)] + 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(199.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (HTTP/1.1 200 OK)] + 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(179.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(347.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (HTTP/1.1 302 Found)] + 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com][pktlen c2s avg(stddev)/entropy: 0.0(303.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (GET /preimage/20160506/f0/1)] + 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(199.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (HTTP/1.1 200 OK)] + 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(165.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: 
System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(130.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] Undetected flows: - 1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][PLAIN TEXT (lllllllh)] - 2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][PLAIN TEXT (66666662)] - 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][PLAIN TEXT (YYYYYYY)] - 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][PLAIN TEXT (CCCCCCC)] - 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][PLAIN TEXT (hhhhhhhl)] - 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][PLAIN TEXT (bTTTUQX)] - 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)] - 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)] - 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 
[proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][PLAIN TEXT (wsssss)] - 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][PLAIN TEXT (222222266)] - 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 
pkts/132 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][pktlen c2s avg(stddev)/entropy: 5.0(1107.0)/0.2][pktlen s2c avg(stddev)/entropy: 5.0(79.0)/0.2][bytes ratio: 0.74][PLAIN TEXT (lllllllh)] + 2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][pktlen c2s avg(stddev)/entropy: 5.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 5.0(1107.0)/0.0][bytes ratio: -0.74][PLAIN TEXT (66666662)] + 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][pktlen c2s avg(stddev)/entropy: 4.9(1107.0)/0.0][pktlen s2c avg(stddev)/entropy: 5.0(79.0)/0.0][bytes ratio: 0.71][PLAIN TEXT (YYYYYYY)] + 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][pktlen c2s avg(stddev)/entropy: 5.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 3.5(1107.0)/0.0][bytes ratio: -0.64][PLAIN TEXT (CCCCCCC)] + 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][pktlen c2s avg(stddev)/entropy: 4.9(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 3.2(1004.2)/314.4][bytes ratio: -0.62][PLAIN TEXT (hhhhhhhl)] + 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][pktlen c2s avg(stddev)/entropy: 
1.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.6(1107.7)/0.9][bytes ratio: -0.91][PLAIN TEXT (bTTTUQX)] + 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.8(128.0)/62.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (444444)] + 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.8(128.0)/62.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (444444)] + 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(150.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(130.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(130.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(130.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][pktlen c2s avg(stddev)/entropy: 0.0(87.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(85.0)/0.0][bytes ratio: -0.32][PLAIN TEXT (wsssss)] + 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(94.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 
0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(87.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (222222266)] + 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 
0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes 
-> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/quic.pcap.out b/tests/result/quic.pcap.out index b700cc82e..0cc2bb678 100644 --- a/tests/result/quic.pcap.out +++ b/tests/result/quic.pcap.out 
@@ -3,16 +3,16 @@ GMail 413 254874 1 YouTube 85 76193 5 Google 14 10427 3 - 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com][PLAIN TEXT (mail.google.com)] - 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com][PLAIN TEXT (www.youtube.com)] - 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com][PLAIN TEXT (www.youtube.com)] - 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com][PLAIN TEXT (fonts.gstatic.com)] - 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)] - 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com][PLAIN TEXT (www.google.comO)] - 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)] - 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)] - 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes] + 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com][pktlen c2s avg(stddev)/entropy: 4.7(148.6)/207.3][pktlen s2c avg(stddev)/entropy: 4.6(916.4)/580.7][bytes ratio: -0.81][PLAIN TEXT 
(mail.google.com)] + 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com][pktlen c2s avg(stddev)/entropy: 3.5(211.0)/357.7][pktlen s2c avg(stddev)/entropy: 4.9(1208.1)/430.3][bytes ratio: -0.82][PLAIN TEXT (www.youtube.com)] + 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com][pktlen c2s avg(stddev)/entropy: 1.7(920.5)/538.2][pktlen s2c avg(stddev)/entropy: 1.2(954.3)/619.0][bytes ratio: 0.13][PLAIN TEXT (www.youtube.com)] + 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com][pktlen c2s avg(stddev)/entropy: 1.2(955.3)/617.5][pktlen s2c avg(stddev)/entropy: 1.2(954.3)/619.0][bytes ratio: 0.00][PLAIN TEXT (fonts.gstatic.com)] + 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com][pktlen c2s avg(stddev)/entropy: 1.0(1392.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(1392.0)/0.0][bytes ratio: 0.00][PLAIN TEXT (s.ytimg.com)] + 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com][pktlen c2s avg(stddev)/entropy: 0.6(516.7)/619.0][pktlen s2c avg(stddev)/entropy: 1.0(1392.0)/0.0][bytes ratio: -0.28][PLAIN TEXT (www.google.comO)] + 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com][pktlen c2s avg(stddev)/entropy: 0.3(735.5)/656.5][pktlen s2c avg(stddev)/entropy: 0.0(1392.0)/0.0][bytes ratio: 0.03][PLAIN TEXT (i.ytimg.com)] + 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: 
yt3.ggpht.com][pktlen c2s avg(stddev)/entropy: 0.0(1392.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(1392.0)/0.0][bytes ratio: 0.00][PLAIN TEXT (yt3.ggpht.com)] + 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes][pktlen c2s avg(stddev)/entropy: 0.9(120.5)/41.5][pktlen s2c avg(stddev)/entropy: 0.0(123.0)/0.0][bytes ratio: 0.32] Undetected flows: - 1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes] + 1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.4(1178.7)/477.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/quickplay.pcap.out b/tests/result/quickplay.pcap.out index 83465b705..6d4fa6777 100644 --- a/tests/result/quickplay.pcap.out +++ b/tests/result/quickplay.pcap.out 
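Review bot: The new expected lines in this quic.pcap.out hunk record values under the wrong labels: flow 8 has one 1392-byte packet in each direction, yet `avg(stddev)/entropy` prints `0.0(1392.0)/0.0`, so the slot labelled avg appears to hold the entropy and the slot labelled stddev the average. The same pattern is baked into the quickplay, rdp and rx baselines that follow, and anyone using these fields for traffic profiling or anomaly detection would read them incorrectly. The undetected flow with `0 pkts/0 bytes` in the s2c direction also prints `nan`, presumably an average over zero samples; its textual form can differ between C libraries, which would make the baseline fragile. I would fix the printer first, passing the values in label order as `ndpi_data_average(...), ndpi_data_stddev(...), ndpi_data_entropy(...)` and printing 0 when no packets were seen, and only then regenerate these .out files.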
@@ -4,24 +4,24 @@ Google 2 378 1 GenericProtocol 133 96179 11 Amazon 2 1469 1 - 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com][PLAIN TEXT (GET /solr/RestApiSingTel)] - 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com][PLAIN TEXT (GET /solr/RestApiSingTel)] - 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 
bytes][Host: vod-singtelhawk.quickplay.com][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com][PLAIN TEXT (GET /vstb/playlist)] - 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Host: api.account.xiaomi.com][PLAIN TEXT (GET /pass/v)] - 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Host: hkextshort.weixin.qq.com][PLAIN TEXT (POST http)] - 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Host: hkextshort.weixin.qq.com][PLAIN TEXT (POST http)] - 14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Host: hkminorshort.weixin.qq.com][PLAIN TEXT (POST http)] - 15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com][PLAIN TEXT (POST http)] - 16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com][PLAIN TEXT (POST http)] - 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][PLAIN TEXT (GET 
/mobile/status.php HTTP/1.1)] - 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com][PLAIN TEXT (GET /solr/RestApiSingTel)] - 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Host: clients3.google.com][PLAIN TEXT (GET /generate)] + 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 5.0(511.5)/26.6][pktlen s2c avg(stddev)/entropy: 4.7(933.3)/493.8][bytes ratio: -0.22][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 3.8(502.0)/0.0][pktlen s2c avg(stddev)/entropy: 3.4(1143.5)/288.0][bytes ratio: -0.28][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 2.3(502.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.5(1174.0)/263.5][bytes ratio: -0.17][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 2.0(502.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.2(1013.3)/626.0][bytes ratio: -0.20][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: 
vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 2.0(502.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.2(758.7)/525.4][bytes ratio: -0.06][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 1.0(422.0)/54.0][pktlen s2c avg(stddev)/entropy: 1.0(1418.0)/38.0][bytes ratio: -0.54][PLAIN TEXT (GET /solr/RestApiSingTel)] + 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 1.0(366.5)/1.5][pktlen s2c avg(stddev)/entropy: 1.0(1313.5)/66.5][bytes ratio: -0.56][PLAIN TEXT (GET /solr/RestApiSingTel)] + 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 1.6(502.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(1248.0)/0.0][bytes ratio: 0.09][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Host: vod-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 1.6(527.7)/39.1][pktlen s2c avg(stddev)/entropy: 0.0(1152.0)/0.0][bytes ratio: 0.16][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 1.0(543.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(1225.0)/0.0][bytes ratio: -0.06][PLAIN TEXT (GET /vstb/playlist)] + 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 
bytes][Host: api.account.xiaomi.com][pktlen c2s avg(stddev)/entropy: 0.0(638.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(831.0)/0.0][bytes ratio: -0.13][PLAIN TEXT (GET /pass/v)] + 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Host: hkextshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 1.0(596.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(145.0)/0.0][bytes ratio: 0.78][PLAIN TEXT (POST http)] + 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Host: hkextshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 0.0(461.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(261.0)/0.0][bytes ratio: -0.06][PLAIN TEXT (POST http)] + 14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Host: hkminorshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 0.0(681.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(262.0)/0.0][bytes ratio: 0.44][PLAIN TEXT (POST http)] + 15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 0.0(616.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(261.0)/0.0][bytes ratio: 0.40][PLAIN TEXT (POST http)] + 16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com][pktlen c2s avg(stddev)/entropy: 0.0(380.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(261.0)/0.0][bytes ratio: 0.19][PLAIN TEXT (POST http)] + 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(243.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(339.0)/0.0][bytes ratio: -0.16][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 18 
TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(243.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(339.0)/0.0][bytes ratio: -0.16][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(237.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(339.0)/0.0][bytes ratio: -0.18][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com][pktlen c2s avg(stddev)/entropy: 0.0(358.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(109.0)/0.0][bytes ratio: 0.53][PLAIN TEXT (GET /solr/RestApiSingTel)] + 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Host: clients3.google.com][pktlen c2s avg(stddev)/entropy: 0.0(241.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(137.0)/0.0][bytes ratio: 0.28][PLAIN TEXT (GET /generate)] diff --git a/tests/result/rdp.pcap.out b/tests/result/rdp.pcap.out index 6d9ef37db..9a4cced97 100644 --- a/tests/result/rdp.pcap.out +++ b/tests/result/rdp.pcap.out @@ -1,3 +1,3 @@ RDP 2010 622743 1 - 1 TCP 172.16.2.185:52494 <-> 192.168.2.142:3389 [proto: 88/RDP][cat: RemoteAccess/12][936 pkts/58890 bytes <-> 1074 pkts/563853 bytes][PLAIN TEXT (192.168.2.142)] + 1 TCP 172.16.2.185:52494 <-> 192.168.2.142:3389 [proto: 88/RDP][cat: RemoteAccess/12][936 pkts/58890 bytes <-> 1074 pkts/563853 bytes][pktlen c2s avg(stddev)/entropy: 4.9(62.9)/44.3][pktlen s2c avg(stddev)/entropy: 4.4(525.0)/511.5][bytes ratio: -0.81][PLAIN TEXT (192.168.2.142)] 
diff --git a/tests/result/rx.pcap.out b/tests/result/rx.pcap.out index 65e8b3c06..e531a33e0 100644 --- a/tests/result/rx.pcap.out +++ b/tests/result/rx.pcap.out 
@@ -1,7 +1,7 @@ RX 132 26475 5 - 1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes][PLAIN TEXT (UZ.SNS.IT)] - 2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes][PLAIN TEXT (root.cell)] - 3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes][PLAIN TEXT (UZ.SNS.IT)] - 4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes] - 5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes] + 1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes][pktlen c2s avg(stddev)/entropy: 4.8(141.8)/116.8][pktlen s2c avg(stddev)/entropy: 4.7(179.6)/122.6][bytes ratio: 0.10][PLAIN TEXT (UZ.SNS.IT)] + 2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes][pktlen c2s avg(stddev)/entropy: 4.2(101.8)/15.3][pktlen s2c avg(stddev)/entropy: 3.0(898.4)/410.8][bytes ratio: -0.63][PLAIN TEXT (root.cell)] + 3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes][pktlen c2s avg(stddev)/entropy: 2.8(208.5)/182.6][pktlen s2c avg(stddev)/entropy: 3.3(105.7)/34.4][bytes ratio: 0.33][PLAIN TEXT (UZ.SNS.IT)] + 4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][pktlen c2s avg(stddev)/entropy: 0.8(220.5)/113.5][pktlen s2c avg(stddev)/entropy: 0.0(78.0)/0.0][bytes ratio: 0.70] + 5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][pktlen c2s avg(stddev)/entropy: 0.8(220.5)/113.5][pktlen s2c avg(stddev)/entropy: 0.0(78.0)/0.0][bytes ratio: 
0.70] diff --git a/tests/result/sip.pcap.out b/tests/result/sip.pcap.out index 5cd5fe82e..d3b783109 100644 --- a/tests/result/sip.pcap.out +++ b/tests/result/sip.pcap.out @@ -2,7 +2,7 @@ RTP 9 1926 1 SIP 102 47087 2 RTCP 1 146 1 - 1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][53 pkts/21940 bytes <-> 31 pkts/15635 bytes][PLAIN TEXT (REGISTER sip)] - 2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][15 pkts/7568 bytes <-> 3 pkts/1944 bytes][PLAIN TEXT (INVITE sip)] - 3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][9 pkts/1926 bytes -> 0 pkts/0 bytes][PLAIN TEXT (VRUDKBuYs)] - 4 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 165/RTCP][cat: VoIP/10][1 pkts/146 bytes -> 0 pkts/0 bytes][PLAIN TEXT (11894297)] + 1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][53 pkts/21940 bytes <-> 31 pkts/15635 bytes][pktlen c2s avg(stddev)/entropy: 4.4(414.0)/343.3][pktlen s2c avg(stddev)/entropy: 4.9(504.4)/85.4][bytes ratio: 0.17][PLAIN TEXT (REGISTER sip)] + 2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][15 pkts/7568 bytes <-> 3 pkts/1944 bytes][pktlen c2s avg(stddev)/entropy: 3.8(504.5)/179.9][pktlen s2c avg(stddev)/entropy: 1.6(648.0)/8.0][bytes ratio: 0.59][PLAIN TEXT (INVITE sip)] + 3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][9 pkts/1926 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(214.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (VRUDKBuYs)] + 4 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 165/RTCP][cat: VoIP/10][1 pkts/146 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(146.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (11894297)] diff --git a/tests/result/skype-conference-call.pcap.out b/tests/result/skype-conference-call.pcap.out index 4b405aa9e..d2887ba38 100644 
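Review bot: The new expected lines for flows 3 and 4 of sip.pcap.out pin `0.0(nan)/0.0` for the s2c direction, which has 0 packets, so the golden file now depends on how the platform formats a NaN and hides what is presumably a division on an empty series. An empty direction should print `0.0`, or the field should be skipped, with the guard placed where the statistic is computed. The values also do not match the label `avg(stddev)/entropy`: flow 4 carries a single 146-byte packet c2s yet prints `0.0(146.0)/0.0`, which reads as entropy(avg)/stddev. This looks like the argument order of the fprintf in printFlow, which is outside this hunk, so either pass average, stddev, entropy in that order or change the label to `entropy(avg)/stddev` before regenerating these results. The same ordering shows in the rdp, rx and skype-conference-call result hunks, and anyone reading these per-flow statistics for traffic analysis would be misled by the current labels.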
--- a/tests/result/skype-conference-call.pcap.out +++ b/tests/result/skype-conference-call.pcap.out @@ -1,3 +1,3 @@ SkypeCall 200 39687 1 - 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes][PLAIN TEXT (vRKSoR)] + 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes][pktlen c2s avg(stddev)/entropy: 4.1(186.8)/244.4][pktlen s2c avg(stddev)/entropy: 4.4(221.5)/233.0][bytes ratio: 0.25][PLAIN TEXT (vRKSoR)] diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 1541c0928..348739f72 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out 
@@ -20,299 +20,299 @@ JA3 Host Stats: 1 192.168.1.34 1 - 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/TLS.MS_OneDrive][cat: Cloud/13][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][TLSv1][server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes][PLAIN TEXT ( 0sKWL)] - 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )] - 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][TLSv1.2][client: p05-keyvalueservice.icloud.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes] - 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )] - 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 64.121/TLS_No_Cert.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes] - 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes] - 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes] - 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes] - 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes] - 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: 
VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes] - 13 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][TLSv1][client: apps.skypeassets.com][JA3C: 799135475da362592a4be9199d258726] - 14 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][TLSv1][client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] - 15 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 1573195445)] - 16 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 1573195445)] - 17 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 64.125/TLS_No_Cert.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][PLAIN TEXT (apps.skype.com)] - 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes] - 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes] - 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes] - 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes] - 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes] - 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1305 bytes 
<-> 3 pkts/285 bytes] - 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes] - 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes] - 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes] - 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes] - 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes] - 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes] - 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes] - 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes] - 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/TLS][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes] - 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes] - 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes] - 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes] - 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes] - 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes] - 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1040 bytes <-> 4 
pkts/362 bytes] - 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes] - 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes] - 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes] - 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes] - 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/TLS][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes] - 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes] - 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes] - 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes] - 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes] - 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/TLS][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes] - 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes] - 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes] - 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes] - 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes] - 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes] - 56 TCP 192.168.1.34:50044 <-> 
157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes] - 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes] - 58 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes] - 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes] - 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes] - 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes] - 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes] - 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes] - 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes] - 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/TLS][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes] - 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes] - 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes] - 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes] - 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes] - 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes] - 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 
bytes <-> 5 pkts/442 bytes] - 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes] - 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes] - 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes] - 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes] - 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes] - 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes] - 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes] - 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes] - 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes] - 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes] - 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes] - 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes] - 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes] - 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes] - 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes] - 87 TCP 
192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes] - 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes] - 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes][PLAIN TEXT (afpovertc)] - 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes][PLAIN TEXT (afpovertc)] - 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes] - 92 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes] - 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][PLAIN TEXT (config)] - 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][PLAIN TEXT (config)] - 95 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 96 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)] - 97 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)] - 98 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 99 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net] - 100 UDP 
192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 101 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net] - 102 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 103 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 104 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 105 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 106 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] - 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] - 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net] - 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net] - 110 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/TLS][cat: Web/5][8 pkts/608 bytes -> 0 pkts/0 bytes] - 111 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes] - 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 
5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)] - 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)] - 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)] - 115 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)] - 116 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] - 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net] - 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 120 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/297 bytes <-> 3 pkts/186 bytes] - 121 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][5 pkts/430 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] - 122 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes] - 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 124 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 
bytes][PLAIN TEXT (SEARCH )] - 126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 127 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)] - 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net][PLAIN TEXT (valueservice)] - 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] - 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 
pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes 
-> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 
pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes 
-> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 
0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 
bytes] - 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 
bytes] - 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 
bytes] - 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 
bytes] - 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 
pkts/0 bytes] - 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.221/TLS.MS_OneDrive][cat: Cloud/13][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][pktlen c2s avg(stddev)/entropy: 3.9(227.5)/423.1][pktlen s2c avg(stddev)/entropy: 4.8(777.8)/552.7][bytes ratio: -0.57][TLSv1][server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes][pktlen c2s avg(stddev)/entropy: 4.3(260.7)/342.9][pktlen s2c avg(stddev)/entropy: 3.7(433.2)/569.4][bytes ratio: -0.27][PLAIN TEXT ( 0sKWL)] + 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 5.0(373.2)/28.8][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NOTIFY )] + 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][pktlen c2s avg(stddev)/entropy: 4.1(224.1)/261.3][pktlen s2c avg(stddev)/entropy: 4.2(247.7)/323.6][bytes ratio: -0.05][TLSv1.2][client: p05-keyvalueservice.icloud.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 5 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][62 pkts/6941 bytes <-> 38 pkts/5325 bytes][pktlen c2s avg(stddev)/entropy: 5.0(112.0)/115.1][pktlen s2c avg(stddev)/entropy: 4.7(140.1)/200.8][bytes ratio: 0.13] + 6 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.8(520.1)/30.8][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NOTIFY )] + 7 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 64.121/TLS_No_Cert.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes][pktlen c2s avg(stddev)/entropy: 2.6(204.5)/138.5][pktlen s2c avg(stddev)/entropy: 2.3(543.0)/477.0][bytes ratio: -0.45] + 8 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][24 pkts/3136 bytes <-> 19 pkts/2618 bytes][pktlen c2s avg(stddev)/entropy: 3.8(130.7)/185.2][pktlen s2c avg(stddev)/entropy: 3.4(137.8)/225.7][bytes ratio: 0.09] + 9 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes][pktlen c2s avg(stddev)/entropy: 3.8(299.2)/147.0][pktlen s2c avg(stddev)/entropy: 1.8(93.0)/45.9][bytes ratio: 0.86] + 10 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][19 pkts/2797 bytes <-> 13 pkts/2175 bytes][pktlen c2s avg(stddev)/entropy: 3.4(147.2)/204.7][pktlen s2c 
avg(stddev)/entropy: 2.8(167.3)/267.5][bytes ratio: 0.13] + 11 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][18 pkts/2588 bytes <-> 13 pkts/2100 bytes][pktlen c2s avg(stddev)/entropy: 3.3(143.8)/211.7][pktlen s2c avg(stddev)/entropy: 2.7(161.5)/269.5][bytes ratio: 0.10] + 12 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][15 pkts/2395 bytes <-> 8 pkts/1724 bytes][pktlen c2s avg(stddev)/entropy: 3.0(159.7)/228.3][pktlen s2c avg(stddev)/entropy: 2.0(215.5)/331.7][bytes ratio: 0.16] + 13 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 4.0(212.1)/81.1][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.96][TLSv1][client: apps.skypeassets.com][JA3C: 799135475da362592a4be9199d258726] + 14 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 3.9(216.3)/72.3][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.96][TLSv1][client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] + 15 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 1573195445)] + 16 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 1573195445)] + 17 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 
3375359593)] + 18 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 3375359593)] + 19 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 64.125/TLS_No_Cert.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][pktlen c2s avg(stddev)/entropy: 3.4(178.3)/77.4][pktlen s2c avg(stddev)/entropy: 1.6(66.7)/5.7][bytes ratio: 0.83][PLAIN TEXT (apps.skype.com)] + 20 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/1578 bytes <-> 4 pkts/342 bytes][pktlen c2s avg(stddev)/entropy: 3.3(143.5)/55.8][pktlen s2c avg(stddev)/entropy: 1.9(85.5)/33.0][bytes ratio: 0.64] + 21 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes][pktlen c2s avg(stddev)/entropy: 2.2(201.8)/151.4][pktlen s2c avg(stddev)/entropy: 2.5(111.0)/45.0][bytes ratio: 0.29] + 22 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes][pktlen c2s avg(stddev)/entropy: 3.7(119.5)/27.3][pktlen s2c avg(stddev)/entropy: 1.6(66.7)/5.7][bytes ratio: 0.77] + 23 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1090 bytes <-> 6 pkts/534 bytes][pktlen c2s avg(stddev)/entropy: 3.7(77.9)/27.9][pktlen s2c avg(stddev)/entropy: 2.5(89.0)/32.0][bytes ratio: 0.34] + 24 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes][pktlen c2s avg(stddev)/entropy: 3.7(107.1)/21.3][pktlen s2c avg(stddev)/entropy: 1.6(66.7)/5.7][bytes ratio: 0.75] + 25 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1305 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(108.8)/30.7][pktlen s2c 
avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.64] + 26 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.4(110.7)/34.2][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.55] + 27 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(104.1)/27.8][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.63] + 28 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes][pktlen c2s avg(stddev)/entropy: 3.0(86.8)/93.3][pktlen s2c avg(stddev)/entropy: 3.2(62.3)/4.9][bytes ratio: 0.26] + 29 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes][pktlen c2s avg(stddev)/entropy: 3.5(105.8)/28.8][pktlen s2c avg(stddev)/entropy: 1.6(81.0)/15.9][bytes ratio: 0.68] + 30 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][15 pkts/1138 bytes <-> 4 pkts/372 bytes][pktlen c2s avg(stddev)/entropy: 3.8(75.9)/24.1][pktlen s2c avg(stddev)/entropy: 1.9(93.0)/26.1][bytes ratio: 0.51] + 31 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1075 bytes <-> 4 pkts/431 bytes][pktlen c2s avg(stddev)/entropy: 3.8(76.8)/24.1][pktlen s2c avg(stddev)/entropy: 1.9(107.8)/36.9][bytes ratio: 0.43] + 32 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1100 bytes <-> 5 pkts/395 bytes][pktlen c2s avg(stddev)/entropy: 3.8(78.6)/22.3][pktlen s2c avg(stddev)/entropy: 2.3(79.0)/25.4][bytes ratio: 0.47] + 33 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes][pktlen c2s avg(stddev)/entropy: 3.5(100.6)/25.7][pktlen s2c 
avg(stddev)/entropy: 1.5(92.3)/31.8][bytes ratio: 0.63] + 34 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/TLS][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes][pktlen c2s avg(stddev)/entropy: 3.5(101.8)/26.4][pktlen s2c avg(stddev)/entropy: 1.6(77.0)/10.4][bytes ratio: 0.68] + 35 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1062 bytes <-> 4 pkts/383 bytes][pktlen c2s avg(stddev)/entropy: 3.8(75.9)/20.9][pktlen s2c avg(stddev)/entropy: 2.0(95.8)/24.1][bytes ratio: 0.47] + 36 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes][pktlen c2s avg(stddev)/entropy: 3.8(77.4)/18.0][pktlen s2c avg(stddev)/entropy: 1.9(89.8)/40.3][bytes ratio: 0.50] + 37 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes][pktlen c2s avg(stddev)/entropy: 3.6(78.5)/27.7][pktlen s2c avg(stddev)/entropy: 1.9(105.2)/38.8][bytes ratio: 0.42] + 38 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1010 bytes <-> 5 pkts/402 bytes][pktlen c2s avg(stddev)/entropy: 3.6(77.7)/25.1][pktlen s2c avg(stddev)/entropy: 2.3(80.4)/21.1][bytes ratio: 0.43] + 39 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes][pktlen c2s avg(stddev)/entropy: 3.5(95.9)/23.3][pktlen s2c avg(stddev)/entropy: 1.5(86.7)/23.8][bytes ratio: 0.63] + 40 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1040 bytes <-> 4 pkts/362 bytes][pktlen c2s avg(stddev)/entropy: 3.8(74.3)/15.5][pktlen s2c avg(stddev)/entropy: 2.0(90.5)/19.4][bytes ratio: 0.48] + 41 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/397 bytes][pktlen c2s avg(stddev)/entropy: 3.6(77.2)/23.5][pktlen s2c 
avg(stddev)/entropy: 1.9(99.2)/34.5][bytes ratio: 0.43] + 42 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.4(95.5)/24.3][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.50] + 43 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes][pktlen c2s avg(stddev)/entropy: 3.6(77.7)/25.1][pktlen s2c avg(stddev)/entropy: 1.9(97.5)/29.1][bytes ratio: 0.44] + 44 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes][pktlen c2s avg(stddev)/entropy: 3.8(77.5)/18.5][pktlen s2c avg(stddev)/entropy: 1.9(78.8)/21.5][bytes ratio: 0.55] + 45 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/TLS][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes][pktlen c2s avg(stddev)/entropy: 3.4(103.6)/29.2][pktlen s2c avg(stddev)/entropy: 1.5(83.3)/19.1][bytes ratio: 0.64] + 46 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes][pktlen c2s avg(stddev)/entropy: 3.7(75.0)/16.2][pktlen s2c avg(stddev)/entropy: 1.9(103.0)/33.9][bytes ratio: 0.41] + 47 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/391 bytes][pktlen c2s avg(stddev)/entropy: 3.6(76.5)/23.5][pktlen s2c avg(stddev)/entropy: 1.9(97.8)/31.1][bytes ratio: 0.44] + 48 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/995 bytes <-> 4 pkts/386 bytes][pktlen c2s avg(stddev)/entropy: 3.7(76.5)/21.2][pktlen s2c avg(stddev)/entropy: 1.9(96.5)/34.1][bytes ratio: 0.44] + 49 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/380 bytes][pktlen c2s avg(stddev)/entropy: 3.6(76.9)/22.5][pktlen s2c avg(stddev)/entropy: 
1.9(95.0)/41.1][bytes ratio: 0.45] + 50 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/TLS][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes][pktlen c2s avg(stddev)/entropy: 3.7(90.5)/16.7][pktlen s2c avg(stddev)/entropy: 1.6(66.7)/5.7][bytes ratio: 0.71] + 51 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes][pktlen c2s avg(stddev)/entropy: 3.6(76.9)/22.5][pktlen s2c avg(stddev)/entropy: 1.9(92.8)/37.2][bytes ratio: 0.46] + 52 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/971 bytes <-> 4 pkts/399 bytes][pktlen c2s avg(stddev)/entropy: 3.7(74.7)/15.2][pktlen s2c avg(stddev)/entropy: 1.9(99.8)/38.6][bytes ratio: 0.42] + 53 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes][pktlen c2s avg(stddev)/entropy: 3.7(75.2)/16.7][pktlen s2c avg(stddev)/entropy: 1.9(96.0)/26.2][bytes ratio: 0.44] + 54 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes][pktlen c2s avg(stddev)/entropy: 3.5(78.3)/27.2][pktlen s2c avg(stddev)/entropy: 2.3(83.0)/26.2][bytes ratio: 0.39] + 55 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/407 bytes][pktlen c2s avg(stddev)/entropy: 3.5(79.0)/29.3][pktlen s2c avg(stddev)/entropy: 1.9(101.8)/32.0][bytes ratio: 0.40] + 56 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes][pktlen c2s avg(stddev)/entropy: 3.7(76.4)/20.7][pktlen s2c avg(stddev)/entropy: 1.9(90.0)/32.5][bytes ratio: 0.47] + 57 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes][pktlen c2s avg(stddev)/entropy: 3.5(89.5)/20.7][pktlen s2c avg(stddev)/entropy: 1.5(92.3)/31.8][bytes ratio: 0.59] + 58 TCP 
192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes][pktlen c2s avg(stddev)/entropy: 3.5(91.8)/21.5][pktlen s2c avg(stddev)/entropy: 1.6(82.3)/17.7][bytes ratio: 0.63] + 59 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes][pktlen c2s avg(stddev)/entropy: 3.5(92.4)/21.7][pktlen s2c avg(stddev)/entropy: 1.6(78.7)/12.7][bytes ratio: 0.65] + 60 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes][pktlen c2s avg(stddev)/entropy: 3.7(77.2)/17.4][pktlen s2c avg(stddev)/entropy: 1.9(83.5)/29.6][bytes ratio: 0.50] + 61 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes][pktlen c2s avg(stddev)/entropy: 3.4(97.6)/25.5][pktlen s2c avg(stddev)/entropy: 1.5(84.7)/21.0][bytes ratio: 0.62] + 62 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes][pktlen c2s avg(stddev)/entropy: 3.7(77.7)/18.9][pktlen s2c avg(stddev)/entropy: 1.9(79.2)/22.4][bytes ratio: 0.52] + 63 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes][pktlen c2s avg(stddev)/entropy: 3.5(90.7)/21.1][pktlen s2c avg(stddev)/entropy: 1.6(78.7)/12.7][bytes ratio: 0.64] + 64 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes][pktlen c2s avg(stddev)/entropy: 3.7(76.1)/13.5][pktlen s2c avg(stddev)/entropy: 1.9(80.8)/24.9][bytes ratio: 0.51] + 65 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/TLS][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.4(87.3)/21.0][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.46] + 66 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 
125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes][pktlen c2s avg(stddev)/entropy: 3.5(80.8)/28.7][pktlen s2c avg(stddev)/entropy: 1.9(84.2)/30.9][bytes ratio: 0.48] + 67 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes][pktlen c2s avg(stddev)/entropy: 3.5(86.6)/19.9][pktlen s2c avg(stddev)/entropy: 1.5(89.0)/27.1][bytes ratio: 0.59] + 68 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes][pktlen c2s avg(stddev)/entropy: 3.6(74.9)/16.3][pktlen s2c avg(stddev)/entropy: 2.3(81.2)/22.7][bytes ratio: 0.38] + 69 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/982 bytes <-> 4 pkts/322 bytes][pktlen c2s avg(stddev)/entropy: 3.7(75.5)/11.7][pktlen s2c avg(stddev)/entropy: 1.9(80.5)/24.5][bytes ratio: 0.51] + 70 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.3(100.2)/28.9][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.56] + 71 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes][pktlen c2s avg(stddev)/entropy: 3.4(76.0)/20.0][pktlen s2c avg(stddev)/entropy: 2.2(88.4)/37.0][bytes ratio: 0.31] + 72 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes][pktlen c2s avg(stddev)/entropy: 3.4(76.5)/21.4][pktlen s2c avg(stddev)/entropy: 2.2(85.8)/31.8][bytes ratio: 0.32] + 73 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes][pktlen c2s avg(stddev)/entropy: 3.4(90.8)/18.2][pktlen s2c avg(stddev)/entropy: 2.0(66.5)/5.0][bytes ratio: 0.58] + 74 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1032 
bytes <-> 3 pkts/230 bytes][pktlen c2s avg(stddev)/entropy: 3.5(86.0)/19.8][pktlen s2c avg(stddev)/entropy: 1.6(76.7)/10.0][bytes ratio: 0.64] + 75 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes][pktlen c2s avg(stddev)/entropy: 3.4(78.7)/28.3][pktlen s2c avg(stddev)/entropy: 2.3(79.2)/18.7][bytes ratio: 0.37] + 76 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/411 bytes][pktlen c2s avg(stddev)/entropy: 3.4(76.6)/21.9][pktlen s2c avg(stddev)/entropy: 1.9(102.8)/39.7][bytes ratio: 0.34] + 77 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/994 bytes <-> 2 pkts/243 bytes][pktlen c2s avg(stddev)/entropy: 3.7(76.5)/14.8][pktlen s2c avg(stddev)/entropy: 0.9(121.5)/43.5][bytes ratio: 0.61] + 78 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes][pktlen c2s avg(stddev)/entropy: 3.4(74.5)/15.7][pktlen s2c avg(stddev)/entropy: 2.3(83.2)/26.6][bytes ratio: 0.33] + 79 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes][pktlen c2s avg(stddev)/entropy: 3.4(76.6)/21.9][pktlen s2c avg(stddev)/entropy: 1.9(96.5)/43.7][bytes ratio: 0.37] + 80 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes][pktlen c2s avg(stddev)/entropy: 3.4(74.7)/16.3][pktlen s2c avg(stddev)/entropy: 1.9(97.5)/27.7][bytes ratio: 0.36] + 81 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.3(85.7)/21.7][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.42] + 82 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/827 bytes <-> 3 pkts/325 bytes][pktlen 
c2s avg(stddev)/entropy: 3.4(75.2)/17.6][pktlen s2c avg(stddev)/entropy: 1.5(108.3)/45.8][bytes ratio: 0.44] + 83 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.1(95.8)/28.1][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.50] + 84 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/935 bytes <-> 2 pkts/197 bytes][pktlen c2s avg(stddev)/entropy: 3.5(77.9)/19.4][pktlen s2c avg(stddev)/entropy: 1.0(98.5)/24.5][bytes ratio: 0.65] + 85 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes][pktlen c2s avg(stddev)/entropy: 3.3(87.2)/22.1][pktlen s2c avg(stddev)/entropy: 1.6(79.0)/13.1][bytes ratio: 0.57] + 86 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/838 bytes <-> 3 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 3.4(76.2)/13.8][pktlen s2c avg(stddev)/entropy: 1.5(90.0)/28.5][bytes ratio: 0.51] + 87 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.1(91.3)/25.3][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.49] + 88 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/814 bytes <-> 3 pkts/287 bytes][pktlen c2s avg(stddev)/entropy: 3.4(74.0)/14.2][pktlen s2c avg(stddev)/entropy: 1.5(95.7)/27.9][bytes ratio: 0.48] + 89 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(227.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (afpovertc)] + 90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes][pktlen c2s 
avg(stddev)/entropy: 2.0(207.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (afpovertc)] + 91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes][pktlen c2s avg(stddev)/entropy: 2.5(69.5)/25.5][pktlen s2c avg(stddev)/entropy: 1.8(88.0)/45.1][bytes ratio: 0.08] + 92 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][pktlen c2s avg(stddev)/entropy: 2.8(93.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][pktlen c2s avg(stddev)/entropy: 2.8(93.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 95 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com][pktlen c2s avg(stddev)/entropy: 3.2(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 96 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][pktlen c2s avg(stddev)/entropy: 3.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (akadns)] + 97 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][pktlen c2s avg(stddev)/entropy: 3.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (akadns)] 
+ 98 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 99 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 100 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 101 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 102 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 103 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 104 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN 
TEXT (skypedata)] + 105 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 106 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 110 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/TLS][cat: Web/5][8 pkts/608 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(76.0)/5.3][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 111 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes][pktlen c2s avg(stddev)/entropy: 2.6(58.8)/8.8][pktlen s2c avg(stddev)/entropy: 2.0(61.5)/2.6][bytes ratio: 0.18] + 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: 
b.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 115 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 116 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00] + 120 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/297 bytes <-> 3 pkts/186 bytes][pktlen c2s avg(stddev)/entropy: 1.4(99.0)/47.7][pktlen s2c avg(stddev)/entropy: 1.6(62.0)/2.8][bytes ratio: 0.23] + 121 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][5 pkts/430 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SpotUdp)] + 122 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][pktlen c2s avg(stddev)/entropy: 1.6(63.7)/10.3][pktlen s2c avg(stddev)/entropy: 1.6(62.0)/2.8][bytes ratio: 0.01] + 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com][pktlen c2s avg(stddev)/entropy: 2.3(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 124 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/0.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/0.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/0.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 127 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/0.5][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 128 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][pktlen c2s avg(stddev)/entropy: 0.0(101.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(166.0)/0.0][bytes ratio: -0.24][PLAIN TEXT (MSGR5011709)] + 131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net][pktlen c2s avg(stddev)/entropy: 0.0(101.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(133.0)/0.0][bytes ratio: -0.14][PLAIN TEXT (valueservice)] + 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(90.0)/0.0][bytes ratio: 0.00] + 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(98.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (akamaiedge)] + 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(98.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (akamaiedge)] + 
135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(98.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (akamaiedge)] + 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: 0.29] + 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(46.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 143 UDP 
192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 151 UDP 192.168.1.34:13021 -> 
111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: 
VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 
bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s 
avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 
0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00] + 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 216 UDP 
192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 224 UDP 192.168.1.34:13021 -> 
64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 
pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 
bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 
0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00] + 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 
[proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(46.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] Undetected flows: - 1 TCP 192.168.1.34:50121 <-> 81.83.77.141:17639 [proto: 0/Unknown][24 pkts/3101 bytes <-> 16 pkts/2508 bytes] - 2 TCP 192.168.1.34:50131 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/4406 bytes <-> 8 pkts/705 bytes] - 3 TCP 192.168.1.34:50133 <-> 149.13.32.15:13392 [proto: 0/Unknown][9 pkts/1968 bytes <-> 7 pkts/632 bytes] - 4 TCP 192.168.1.34:50127 <-> 80.14.46.121:4415 [proto: 0/Unknown][16 pkts/1169 bytes <-> 11 pkts/929 bytes] - 5 TCP 192.168.1.34:50124 <-> 81.133.19.185:44431 [proto: 0/Unknown][11 pkts/854 bytes <-> 11 pkts/782 bytes] - 6 TCP 192.168.1.34:50142 <-> 80.14.46.121:4415 [proto: 0/Unknown][12 pkts/985 bytes <-> 6 pkts/489 bytes] - 7 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes] - 8 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes] - 9 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 11 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] + 1 TCP 192.168.1.34:50121 <-> 81.83.77.141:17639 [proto: 0/Unknown][24 pkts/3101 bytes <-> 16 pkts/2508 bytes][pktlen c2s avg(stddev)/entropy: 3.8(129.2)/181.2][pktlen s2c avg(stddev)/entropy: 3.0(156.8)/267.4][bytes ratio: 0.11] + 2 TCP 192.168.1.34:50131 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/4406 bytes <-> 8 pkts/705 bytes][pktlen c2s avg(stddev)/entropy: 
2.3(400.5)/547.2][pktlen s2c avg(stddev)/entropy: 2.8(88.1)/56.5][bytes ratio: 0.72] + 3 TCP 192.168.1.34:50133 <-> 149.13.32.15:13392 [proto: 0/Unknown][9 pkts/1968 bytes <-> 7 pkts/632 bytes][pktlen c2s avg(stddev)/entropy: 1.7(218.7)/424.0][pktlen s2c avg(stddev)/entropy: 2.7(90.3)/44.8][bytes ratio: 0.51] + 4 TCP 192.168.1.34:50127 <-> 80.14.46.121:4415 [proto: 0/Unknown][16 pkts/1169 bytes <-> 11 pkts/929 bytes][pktlen c2s avg(stddev)/entropy: 4.0(73.1)/13.0][pktlen s2c avg(stddev)/entropy: 3.4(84.5)/20.4][bytes ratio: 0.11] + 5 TCP 192.168.1.34:50124 <-> 81.133.19.185:44431 [proto: 0/Unknown][11 pkts/854 bytes <-> 11 pkts/782 bytes][pktlen c2s avg(stddev)/entropy: 3.4(77.6)/17.4][pktlen s2c avg(stddev)/entropy: 3.4(71.1)/8.8][bytes ratio: 0.04] + 6 TCP 192.168.1.34:50142 <-> 80.14.46.121:4415 [proto: 0/Unknown][12 pkts/985 bytes <-> 6 pkts/489 bytes][pktlen c2s avg(stddev)/entropy: 3.5(82.1)/20.9][pktlen s2c avg(stddev)/entropy: 2.5(81.5)/22.3][bytes ratio: 0.34] + 7 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes][pktlen c2s avg(stddev)/entropy: 3.3(79.7)/22.9][pktlen s2c avg(stddev)/entropy: 2.0(85.5)/19.8][bytes ratio: 0.40] + 8 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(76.0)/5.3][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 9 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 10 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 11 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 
1.0(66.0)/12.0][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.28]
diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out
index 81fdd9577..2de0e2460 100644
--- a/tests/result/skype_no_unknown.pcap.out
+++ b/tests/result/skype_no_unknown.pcap.out
@@ -18,273 +18,273 @@ JA3 Host Stats: 1 192.168.1.34 1 - 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/TLS.MS_OneDrive][cat: Cloud/13][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][TLSv1][server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes][PLAIN TEXT (nZREBS)] - 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 64.140/TLS_No_Cert.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes][PLAIN TEXT (/tBGEll)] - 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )] - 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes] - 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes] - 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][TLSv1][client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] - 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes] - 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 64.121/TLS_No_Cert.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes][PLAIN TEXT (ZeNjsq)] - 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 64.125/TLS_No_Cert.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][PLAIN TEXT (apps.skype.com)] - 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes] - 12 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/TLS][cat: Web/5][13 pkts/1437 bytes <-> 3 pkts/200 bytes] - 13 TCP 192.168.1.34:51241 
<-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1333 bytes <-> 3 pkts/251 bytes] - 14 TCP 192.168.1.34:51261 <-> 157.55.235.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1284 bytes <-> 3 pkts/285 bytes] - 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/TLS][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes] - 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes] - 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes] - 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes] - 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes] - 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes] - 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes] - 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes] - 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes] - 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes] - 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes] - 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes] - 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes] - 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 
91.125/TLS.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes] - 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes] - 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes] - 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes] - 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes] - 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes] - 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes] - 35 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes] - 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes] - 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes] - 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes] - 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes] - 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes] - 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes] - 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes] - 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes 
<-> 5 pkts/413 bytes] - 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/TLS][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes] - 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes] - 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes] - 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes] - 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes] - 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes] - 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes] - 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/862 bytes <-> 3 pkts/314 bytes] - 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes] - 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes] - 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes] - 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes] - 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] - 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes] - 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 
pkts/674 bytes <-> 4 pkts/444 bytes] - 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 1573195445)] - 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 1573195445)] - 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes] - 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] - 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes] - 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)] - 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)] - 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 69 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 70 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net] - 71 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 
5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 72 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net] - 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)] - 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] - 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net] - 76 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes] - 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][PLAIN TEXT (config)] - 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)] - 80 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)] - 81 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][PLAIN TEXT (config)] - 82 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net] - 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: 
dsn13.d.skype.net] - 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com] - 86 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes] - 87 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/TLS][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes] - 88 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EBEMEJEDEFEHEBFEEFCACACACACACA)] - 89 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDENEBEDECEPEPELFAFCEP)] - 90 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/237 bytes <-> 3 pkts/186 bytes] - 91 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes] - 92 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes] - 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes] - 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 
pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)] - 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] - 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] - 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] - 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)] - 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] - 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com][PLAIN TEXT (skypeassets)] - 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 
[proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 
[proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.221/TLS.MS_OneDrive][cat: Cloud/13][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][pktlen c2s avg(stddev)/entropy: 3.9(235.2)/432.7][pktlen s2c avg(stddev)/entropy: 4.6(783.8)/564.7][bytes ratio: -0.57][TLSv1][server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes][pktlen c2s avg(stddev)/entropy: 4.4(303.8)/405.8][pktlen s2c avg(stddev)/entropy: 3.8(611.6)/625.9][bytes ratio: -0.32][PLAIN TEXT (nZREBS)] + 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 64.140/TLS_No_Cert.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 
bytes][pktlen c2s avg(stddev)/entropy: 4.1(239.0)/273.4][pktlen s2c avg(stddev)/entropy: 4.1(276.3)/358.4][bytes ratio: -0.07][PLAIN TEXT (/tBGEll)] + 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 5.0(372.3)/28.7][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (NOTIFY )] + 5 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][17 pkts/2686 bytes <-> 13 pkts/2218 bytes][pktlen c2s avg(stddev)/entropy: 3.3(158.0)/214.6][pktlen s2c avg(stddev)/entropy: 2.8(170.6)/266.9][bytes ratio: 0.10] + 6 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/2194 bytes <-> 8 pkts/1711 bytes][pktlen c2s avg(stddev)/entropy: 2.7(182.8)/250.3][pktlen s2c avg(stddev)/entropy: 1.9(213.9)/332.2][bytes ratio: 0.12] + 7 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 3.9(216.3)/72.3][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.96][TLSv1][client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] + 8 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes][pktlen c2s avg(stddev)/entropy: 3.3(270.2)/156.2][pktlen s2c avg(stddev)/entropy: 1.5(96.7)/37.9][bytes ratio: 0.84] + 9 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 64.121/TLS_No_Cert.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(204.5)/138.5][pktlen s2c avg(stddev)/entropy: 1.3(543.0)/477.0][bytes ratio: -0.45][PLAIN TEXT (ZeNjsq)] + 10 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 64.125/TLS_No_Cert.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 3.3(188.5)/72.7][pktlen s2c avg(stddev)/entropy: 
0.0(74.0)/0.0][bytes ratio: 0.93][PLAIN TEXT (apps.skype.com)] + 11 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes][pktlen c2s avg(stddev)/entropy: 3.7(111.2)/23.1][pktlen s2c avg(stddev)/entropy: 2.0(66.5)/5.0][bytes ratio: 0.69] + 12 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/TLS][cat: Web/5][13 pkts/1437 bytes <-> 3 pkts/200 bytes][pktlen c2s avg(stddev)/entropy: 3.7(110.5)/22.8][pktlen s2c avg(stddev)/entropy: 1.6(66.7)/5.7][bytes ratio: 0.76] + 13 TCP 192.168.1.34:51241 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1333 bytes <-> 3 pkts/251 bytes][pktlen c2s avg(stddev)/entropy: 3.5(111.1)/32.3][pktlen s2c avg(stddev)/entropy: 1.5(83.7)/19.6][bytes ratio: 0.68] + 14 TCP 192.168.1.34:51261 <-> 157.55.235.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1284 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(107.0)/29.6][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.64] + 15 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/TLS][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes][pktlen c2s avg(stddev)/entropy: 3.5(107.6)/30.0][pktlen s2c avg(stddev)/entropy: 1.6(80.7)/15.4][bytes ratio: 0.68] + 16 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(102.9)/27.1][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.62] + 17 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes][pktlen c2s avg(stddev)/entropy: 3.5(104.1)/27.8][pktlen s2c avg(stddev)/entropy: 1.5(88.3)/26.1][bytes ratio: 0.65] + 18 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1104 bytes <-> 5 pkts/392 bytes][pktlen c2s avg(stddev)/entropy: 3.8(78.9)/23.3][pktlen s2c avg(stddev)/entropy: 
2.3(78.4)/24.2][bytes ratio: 0.48] + 19 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1106 bytes <-> 5 pkts/385 bytes][pktlen c2s avg(stddev)/entropy: 3.8(79.0)/23.8][pktlen s2c avg(stddev)/entropy: 2.3(77.0)/21.5][bytes ratio: 0.48] + 20 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1070 bytes <-> 4 pkts/420 bytes][pktlen c2s avg(stddev)/entropy: 3.8(76.4)/22.9][pktlen s2c avg(stddev)/entropy: 1.9(105.0)/38.7][bytes ratio: 0.44] + 21 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes][pktlen c2s avg(stddev)/entropy: 3.7(79.8)/26.6][pktlen s2c avg(stddev)/entropy: 1.9(84.2)/30.9][bytes ratio: 0.54] + 22 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes][pktlen c2s avg(stddev)/entropy: 3.4(105.8)/30.7][pktlen s2c avg(stddev)/entropy: 1.5(89.3)/27.5][bytes ratio: 0.63] + 23 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.2(107.7)/34.5][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.51] + 24 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes][pktlen c2s avg(stddev)/entropy: 3.8(75.6)/12.0][pktlen s2c avg(stddev)/entropy: 1.9(91.8)/43.7][bytes ratio: 0.49] + 25 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes][pktlen c2s avg(stddev)/entropy: 3.6(77.8)/25.3][pktlen s2c avg(stddev)/entropy: 1.9(103.8)/41.3][bytes ratio: 0.42] + 26 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][14 pkts/1093 bytes <-> 4 pkts/333 bytes][pktlen c2s avg(stddev)/entropy: 3.8(78.1)/22.8][pktlen s2c avg(stddev)/entropy: 1.9(83.2)/25.5][bytes ratio: 
0.53] + 27 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(94.2)/22.5][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.60] + 28 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(94.2)/22.5][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.60] + 29 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.5(91.2)/21.3][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.59] + 30 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.3(102.2)/30.3][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.49] + 31 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/991 bytes <-> 4 pkts/378 bytes][pktlen c2s avg(stddev)/entropy: 3.6(76.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.0(94.5)/22.9][bytes ratio: 0.45] + 32 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes][pktlen c2s avg(stddev)/entropy: 3.6(77.4)/24.0][pktlen s2c avg(stddev)/entropy: 1.9(90.2)/32.9][bytes ratio: 0.47] + 33 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.3(101.2)/29.6][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.48] + 34 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][13 pkts/976 bytes <-> 4 pkts/365 bytes][pktlen c2s avg(stddev)/entropy: 3.7(75.1)/16.4][pktlen s2c avg(stddev)/entropy: 1.9(91.2)/34.7][bytes ratio: 0.46] + 35 TCP 
192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes][pktlen c2s avg(stddev)/entropy: 3.7(75.8)/12.7][pktlen s2c avg(stddev)/entropy: 1.9(86.0)/33.9][bytes ratio: 0.48] + 36 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes][pktlen c2s avg(stddev)/entropy: 3.7(75.5)/17.7][pktlen s2c avg(stddev)/entropy: 1.9(87.0)/27.3][bytes ratio: 0.48] + 37 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes][pktlen c2s avg(stddev)/entropy: 3.7(77.2)/17.4][pktlen s2c avg(stddev)/entropy: 1.9(79.5)/22.8][bytes ratio: 0.52] + 38 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/948 bytes <-> 4 pkts/349 bytes][pktlen c2s avg(stddev)/entropy: 3.5(79.0)/22.9][pktlen s2c avg(stddev)/entropy: 1.9(87.2)/36.0][bytes ratio: 0.46] + 39 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes][pktlen c2s avg(stddev)/entropy: 3.5(79.2)/23.7][pktlen s2c avg(stddev)/entropy: 1.9(85.2)/32.6][bytes ratio: 0.47] + 40 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes][pktlen c2s avg(stddev)/entropy: 3.4(78.0)/26.1][pktlen s2c avg(stddev)/entropy: 2.2(85.2)/30.6][bytes ratio: 0.34] + 41 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes][pktlen c2s avg(stddev)/entropy: 3.4(77.8)/25.5][pktlen s2c avg(stddev)/entropy: 2.3(81.8)/23.9][bytes ratio: 0.35] + 42 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/861 bytes <-> 4 pkts/397 bytes][pktlen c2s avg(stddev)/entropy: 3.4(78.3)/26.9][pktlen s2c avg(stddev)/entropy: 1.9(99.2)/30.0][bytes ratio: 0.37] + 43 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 
125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes][pktlen c2s avg(stddev)/entropy: 3.4(76.7)/22.2][pktlen s2c avg(stddev)/entropy: 2.3(82.6)/25.5][bytes ratio: 0.34] + 44 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/TLS][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.3(97.2)/26.9][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.55] + 45 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.3(90.2)/23.2][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.44] + 46 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes][pktlen c2s avg(stddev)/entropy: 3.4(74.1)/14.4][pktlen s2c avg(stddev)/entropy: 2.2(84.6)/29.4][bytes ratio: 0.32] + 47 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/942 bytes <-> 3 pkts/284 bytes][pktlen c2s avg(stddev)/entropy: 3.5(78.5)/27.7][pktlen s2c avg(stddev)/entropy: 1.5(94.7)/29.2][bytes ratio: 0.54] + 48 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/832 bytes <-> 4 pkts/387 bytes][pktlen c2s avg(stddev)/entropy: 3.4(75.6)/18.9][pktlen s2c avg(stddev)/entropy: 1.9(96.8)/44.1][bytes ratio: 0.37] + 49 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes][pktlen c2s avg(stddev)/entropy: 3.3(85.2)/21.6][pktlen s2c avg(stddev)/entropy: 1.9(87.8)/33.2][bytes ratio: 0.42] + 50 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/916 bytes <-> 3 pkts/281 bytes][pktlen c2s avg(stddev)/entropy: 3.6(76.3)/14.3][pktlen s2c avg(stddev)/entropy: 1.5(93.7)/33.6][bytes ratio: 0.53] + 51 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 
pkts/862 bytes <-> 3 pkts/314 bytes][pktlen c2s avg(stddev)/entropy: 3.4(78.4)/20.5][pktlen s2c avg(stddev)/entropy: 1.4(104.7)/49.1][bytes ratio: 0.47] + 52 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes][pktlen c2s avg(stddev)/entropy: 3.2(78.5)/27.6][pktlen s2c avg(stddev)/entropy: 1.9(94.5)/40.3][bytes ratio: 0.35] + 53 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes][pktlen c2s avg(stddev)/entropy: 3.3(87.2)/22.1][pktlen s2c avg(stddev)/entropy: 1.5(95.0)/35.5][bytes ratio: 0.51] + 54 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][12 pkts/931 bytes <-> 2 pkts/219 bytes][pktlen c2s avg(stddev)/entropy: 3.6(77.6)/18.3][pktlen s2c avg(stddev)/entropy: 0.9(109.5)/35.5][bytes ratio: 0.62] + 55 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/855 bytes <-> 3 pkts/287 bytes][pktlen c2s avg(stddev)/entropy: 3.4(77.7)/18.5][pktlen s2c avg(stddev)/entropy: 1.5(95.7)/36.4][bytes ratio: 0.50] + 56 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes][pktlen c2s avg(stddev)/entropy: 2.4(159.7)/78.7][pktlen s2c avg(stddev)/entropy: 1.0(92.0)/0.0][bytes ratio: 0.68][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] + 57 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][11 pkts/848 bytes <-> 3 pkts/286 bytes][pktlen c2s avg(stddev)/entropy: 3.4(77.1)/16.6][pktlen s2c avg(stddev)/entropy: 1.5(95.3)/36.0][bytes ratio: 0.50] + 58 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes][pktlen c2s avg(stddev)/entropy: 1.7(168.5)/102.7][pktlen s2c avg(stddev)/entropy: 1.9(111.0)/45.0][bytes ratio: 0.21] + 59 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: 
Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 1573195445)] + 60 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 1573195445)] + 61 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 3375359593)] + 62 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 3375359593)] + 63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes][pktlen c2s avg(stddev)/entropy: 2.8(81.6)/23.8][pktlen s2c avg(stddev)/entropy: 1.5(95.3)/36.0][bytes ratio: 0.33] + 64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.8(97.1)/8.1][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] + 65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes][pktlen c2s avg(stddev)/entropy: 2.6(58.8)/8.8][pktlen s2c avg(stddev)/entropy: 2.3(61.2)/2.4][bytes ratio: 0.07] + 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][pktlen c2s avg(stddev)/entropy: 3.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 
1.00][PLAIN TEXT (akadns)] + 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][pktlen c2s avg(stddev)/entropy: 3.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (akadns)] + 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 69 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 70 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 71 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypedata)] + 72 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][pktlen c2s avg(stddev)/entropy: 2.8(89.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 
1.00][PLAIN TEXT (skypedata)] + 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 76 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes][pktlen c2s avg(stddev)/entropy: 2.6(58.8)/8.8][pktlen s2c avg(stddev)/entropy: 2.0(61.5)/2.6][bytes ratio: 0.18] + 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com][pktlen c2s avg(stddev)/entropy: 3.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 80 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 81 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 
bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (config)] + 82 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net][pktlen c2s avg(stddev)/entropy: 2.8(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][pktlen c2s avg(stddev)/entropy: 2.8(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 86 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes][pktlen c2s avg(stddev)/entropy: 1.4(97.7)/45.8][pktlen s2c avg(stddev)/entropy: 1.6(62.0)/2.8][bytes ratio: 0.22] + 87 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/TLS][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 88 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(226.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EBEMEJEDEFEHEBFEEFCACACACACACA)] + 89 UDP 192.168.1.34:138 -> 192.168.1.255:138 
[proto: 10/NetBIOS][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(216.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EMFFEDEBFDENEBEDECEPEPELFAFCEP)] + 90 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/237 bytes <-> 3 pkts/186 bytes][pktlen c2s avg(stddev)/entropy: 1.5(79.0)/20.8][pktlen s2c avg(stddev)/entropy: 1.6(62.0)/2.8][bytes ratio: 0.12] + 91 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][pktlen c2s avg(stddev)/entropy: 1.6(63.7)/10.3][pktlen s2c avg(stddev)/entropy: 1.6(62.0)/2.8][bytes ratio: 0.01] + 92 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][pktlen c2s avg(stddev)/entropy: 1.6(63.7)/10.3][pktlen s2c avg(stddev)/entropy: 1.6(62.0)/2.8][bytes ratio: 0.01] + 93 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/0.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 94 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(174.5)/0.5][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] + 95 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 96 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.3(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][pktlen c2s avg(stddev)/entropy: 0.0(101.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(166.0)/0.0][bytes ratio: -0.24][PLAIN TEXT (MSGR5011709)] + 99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(129.0)/33.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(216.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] + 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/12.0][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.28] + 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(98.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (akamaiedge)] + 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(98.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (akamaiedge)] + 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local][pktlen c2s 
avg(stddev)/entropy: 0.0(142.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)] + 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] + 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com][pktlen c2s avg(stddev)/entropy: 0.0(80.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (skypeassets)] + 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: 
VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 
pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s 
avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen 
s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00] + 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 161 
UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 169 UDP 192.168.1.34:13021 -> 
157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 
125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: 
VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(71.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 
bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 
0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes 
ratio: 1.00] + 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 226 UDP 
192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(67.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 
[proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: 
VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(64.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen 
s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(46.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] Undetected flows: - 1 TCP 192.168.1.34:51307 <-> 149.13.32.15:13392 [proto: 0/Unknown][19 pkts/16968 bytes <-> 7 pkts/531 bytes] - 2 TCP 192.168.1.34:51312 <-> 149.13.32.15:13392 [proto: 0/Unknown][18 pkts/15111 bytes <-> 7 pkts/531 bytes] - 3 TCP 192.168.1.34:51315 <-> 212.161.8.36:13392 [proto: 0/Unknown][16 pkts/11797 bytes <-> 7 pkts/493 bytes] - 4 TCP 192.168.1.34:51317 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/5655 bytes <-> 8 pkts/553 bytes] - 5 TCP 192.168.1.34:51294 <-> 81.83.77.141:17639 [proto: 0/Unknown][19 pkts/2794 bytes <-> 14 pkts/2303 bytes] - 6 TCP 192.168.1.34:51314 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/1407 bytes <-> 9 pkts/652 bytes] - 7 TCP 192.168.1.34:51301 <-> 82.224.110.241:38895 
[proto: 0/Unknown][11 pkts/835 bytes <-> 7 pkts/647 bytes] - 8 TCP 192.168.1.34:51303 -> 80.121.84.93:62381 [proto: 0/Unknown][7 pkts/546 bytes -> 0 pkts/0 bytes] - 9 TCP 192.168.1.34:51306 -> 80.121.84.93:62381 [proto: 0/Unknown][6 pkts/468 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 11 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 12 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:51307 <-> 149.13.32.15:13392 [proto: 0/Unknown][19 pkts/16968 bytes <-> 7 pkts/531 bytes][pktlen c2s avg(stddev)/entropy: 3.7(893.1)/669.9][pktlen s2c avg(stddev)/entropy: 2.8(75.9)/19.7][bytes ratio: 0.94] + 2 TCP 192.168.1.34:51312 <-> 149.13.32.15:13392 [proto: 0/Unknown][18 pkts/15111 bytes <-> 7 pkts/531 bytes][pktlen c2s avg(stddev)/entropy: 3.6(839.5)/680.8][pktlen s2c avg(stddev)/entropy: 2.8(75.9)/19.7][bytes ratio: 0.93] + 3 TCP 192.168.1.34:51315 <-> 212.161.8.36:13392 [proto: 0/Unknown][16 pkts/11797 bytes <-> 7 pkts/493 bytes][pktlen c2s avg(stddev)/entropy: 3.3(737.3)/681.3][pktlen s2c avg(stddev)/entropy: 2.8(70.4)/7.3][bytes ratio: 0.92] + 4 TCP 192.168.1.34:51317 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/5655 bytes <-> 8 pkts/553 bytes][pktlen c2s avg(stddev)/entropy: 2.6(471.2)/595.5][pktlen s2c avg(stddev)/entropy: 3.0(69.1)/7.7][bytes ratio: 0.82] + 5 TCP 192.168.1.34:51294 <-> 81.83.77.141:17639 [proto: 0/Unknown][19 pkts/2794 bytes <-> 14 pkts/2303 bytes][pktlen c2s avg(stddev)/entropy: 3.5(147.1)/199.9][pktlen s2c avg(stddev)/entropy: 2.8(164.5)/284.9][bytes ratio: 0.10] + 6 TCP 192.168.1.34:51314 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/1407 bytes <-> 9 pkts/652 bytes][pktlen c2s avg(stddev)/entropy: 3.1(127.9)/106.2][pktlen s2c avg(stddev)/entropy: 3.2(72.4)/11.5][bytes ratio: 0.37] + 7 TCP 192.168.1.34:51301 <-> 
82.224.110.241:38895 [proto: 0/Unknown][11 pkts/835 bytes <-> 7 pkts/647 bytes][pktlen c2s avg(stddev)/entropy: 3.4(75.9)/14.8][pktlen s2c avg(stddev)/entropy: 2.8(92.4)/20.6][bytes ratio: 0.13] + 8 TCP 192.168.1.34:51303 -> 80.121.84.93:62381 [proto: 0/Unknown][7 pkts/546 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.8(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 9 TCP 192.168.1.34:51306 -> 80.121.84.93:62381 [proto: 0/Unknown][6 pkts/468 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 10 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 11 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/12.0][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.28] + 12 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/smbv1.pcap.out b/tests/result/smbv1.pcap.out index d6a2183d9..92a418068 100644 --- a/tests/result/smbv1.pcap.out +++ b/tests/result/smbv1.pcap.out @@ -1,3 +1,3 @@ SMBv1 7 1197 1 - 1 TCP 172.16.156.130:50927 <-> 10.128.0.243:445 [proto: 16/SMBv1][cat: System/18][4 pkts/669 bytes <-> 3 pkts/528 bytes][PLAIN TEXT (PC NETWORK PROGRAM 1.0)] + 1 TCP 172.16.156.130:50927 <-> 10.128.0.243:445 [proto: 16/SMBv1][cat: System/18][4 pkts/669 bytes <-> 3 pkts/528 bytes][pktlen c2s avg(stddev)/entropy: 2.0(167.2)/25.6][pktlen s2c avg(stddev)/entropy: 1.5(176.0)/52.8][bytes ratio: 0.12][PLAIN TEXT (PC NETWORK PROGRAM 1.0)] 
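Review bot: The expected line in the smbv1.pcap.out hunk carries the packet-length statistics under the wrong names: in `[pktlen c2s avg(stddev)/entropy: 2.0(167.2)/25.6]` the value in the stddev position is 167.2, which is exactly 669 bytes / 4 pkts, i.e. the average (the s2c field shows the same, 528 / 3 = 176.0). The smpp_in_general, snapchat, ssdp-m-search and ssh hunks that follow have the same pattern, so the reader's format label and its argument order presumably disagree. Judging by the values, the order printed looks like entropy, average, stddev, so either the label should read `entropy(avg)/stddev` or the arguments should be reordered to match the label before these fixtures are regenerated. The ssdp-m-search hunk also pins `0.0(nan)/0.0` for a direction with 0 packets, which suggests the average divides by a zero count; printing 0.0 or omitting the field for an empty direction would keep `nan` out of output that downstream parsers and detection pipelines consume.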
diff --git a/tests/result/smpp_in_general.pcap.out b/tests/result/smpp_in_general.pcap.out index 529170e53..2fe02aa0f 100644 --- a/tests/result/smpp_in_general.pcap.out +++ b/tests/result/smpp_in_general.pcap.out @@ -1,3 +1,3 @@ SMPP 17 1144 1 - 1 TCP 10.226.202.118:1770 <-> 10.226.202.53:9000 [proto: 207/SMPP][cat: Download-FileTransfer-FileSharing/7][10 pkts/670 bytes <-> 7 pkts/474 bytes][PLAIN TEXT (password)] + 1 TCP 10.226.202.118:1770 <-> 10.226.202.53:9000 [proto: 207/SMPP][cat: Download-FileTransfer-FileSharing/7][10 pkts/670 bytes <-> 7 pkts/474 bytes][pktlen c2s avg(stddev)/entropy: 3.3(67.0)/17.3][pktlen s2c avg(stddev)/entropy: 2.8(67.7)/7.3][bytes ratio: 0.17][PLAIN TEXT (password)] diff --git a/tests/result/snapchat.pcap.out b/tests/result/snapchat.pcap.out index 50f3bb6d3..7120016a4 100644 --- a/tests/result/snapchat.pcap.out +++ b/tests/result/snapchat.pcap.out 
@@ -6,6 +6,6 @@ JA3 Host Stats: 1 10.8.0.1 2 - 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][TLSv1.2][client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][TLSv1.2][client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes][TLSv1.2][JA3C: 36e9ceaa96dd810482573844f78a063f][JA3S: fbe78c619e7ea20046131294ad087f05][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][pktlen c2s avg(stddev)/entropy: 2.6(254.4)/236.6][pktlen s2c avg(stddev)/entropy: 1.7(206.6)/349.9][bytes ratio: 0.16][TLSv1.2][client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][pktlen c2s avg(stddev)/entropy: 2.6(260.6)/235.8][pktlen s2c avg(stddev)/entropy: 2.3(129.0)/149.5][bytes ratio: 0.39][TLSv1.2][client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes][pktlen c2s avg(stddev)/entropy: 2.9(173.6)/162.7][pktlen s2c 
avg(stddev)/entropy: 3.1(88.1)/75.5][bytes ratio: 0.33][TLSv1.2][JA3C: 36e9ceaa96dd810482573844f78a063f][JA3S: fbe78c619e7ea20046131294ad087f05][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/ssdp-m-search.pcap.out b/tests/result/ssdp-m-search.pcap.out index e8939448b..2bf6a79d8 100644 --- a/tests/result/ssdp-m-search.pcap.out +++ b/tests/result/ssdp-m-search.pcap.out @@ -1,3 +1,3 @@ SSDP 19 1197 1 - 1 UDP 192.168.242.8:42253 -> 192.168.242.255:32412 [proto: 12/SSDP][cat: System/18][19 pkts/1197 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] + 1 UDP 192.168.242.8:42253 -> 192.168.242.255:32412 [proto: 12/SSDP][cat: System/18][19 pkts/1197 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.2(63.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SEARCH )] diff --git a/tests/result/ssh.pcap.out b/tests/result/ssh.pcap.out index bd2bb2cff..e01906744 100644 --- a/tests/result/ssh.pcap.out +++ b/tests/result/ssh.pcap.out @@ -1,3 +1,3 @@ SSH 258 35546 1 - 1 TCP 172.16.238.1:58395 <-> 172.16.238.168:22 [proto: 92/SSH][cat: RemoteAccess/12][159 pkts/15615 bytes <-> 99 pkts/19931 bytes][client: SSH-2.0-OpenSSH_5.3][HASSH-C: 21B457A327CE7A2D4FCE5EF2C42400BD][server: SSH-2.0-OpenSSH_5.6][HASSH-S: B1C6C0D56317555B85C7005A3DE29325] + 1 TCP 172.16.238.1:58395 <-> 172.16.238.168:22 [proto: 92/SSH][cat: RemoteAccess/12][159 pkts/15615 bytes <-> 99 pkts/19931 bytes][pktlen c2s avg(stddev)/entropy: 4.9(98.2)/83.1][pktlen s2c avg(stddev)/entropy: 4.0(201.3)/283.2][bytes ratio: -0.12][client: SSH-2.0-OpenSSH_5.3][HASSH-C: 21B457A327CE7A2D4FCE5EF2C42400BD][server: SSH-2.0-OpenSSH_5.6][HASSH-S: B1C6C0D56317555B85C7005A3DE29325] diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out index 79367d46b..089b4da13 100644 --- a/tests/result/starcraft_battle.pcap.out +++ b/tests/result/starcraft_battle.pcap.out 
@@ -8,55 +8,55 @@ Google 22 2184 5 Github 3 234 1 Starcraft 236 51494 6 - 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][cat: Web/5][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Host: llnw.blizzard.com][PLAIN TEXT (GET /sc)] - 2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][PLAIN TEXT (matteobracci1@gmail.com)] - 3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 5 TCP 192.168.1.100:3529 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 6 TCP 192.168.1.100:3530 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 7 TCP 192.168.1.100:3531 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 8 UDP 192.168.1.254:38605 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][11 pkts/4984 bytes -> 0 pkts/0 bytes][PLAIN TEXT (osNOTIFY )] - 9 TCP 192.168.1.100:3525 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/545 bytes <-> 6 pkts/3388 bytes][Host: eu.battle.net][PLAIN TEXT (GET /sc)] - 10 TCP 192.168.1.100:3526 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/547 bytes <-> 5 pkts/3139 bytes][Host: eu.battle.net][PLAIN TEXT (GET /sc)] - 11 TCP 192.168.1.100:3516 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 6 pkts/3131 bytes][Host: eu.launcher.battle.net][PLAIN TEXT (GET /service/s2/regions)] - 12 TCP 192.168.1.100:3522 <-> 
80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 5 pkts/3071 bytes][Host: eu.launcher.battle.net][PLAIN TEXT (GET /service/s2/regions)] - 13 TCP 192.168.1.100:3506 <-> 173.194.113.224:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/632 bytes <-> 4 pkts/667 bytes][Host: www.google-analytics.com][PLAIN TEXT (POST /collect HTTP/1.1)] - 14 TCP 192.168.1.100:3518 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/473 bytes <-> 4 pkts/753 bytes][Host: nydus.battle.net][PLAIN TEXT (GET /S2/enGB/client/alert)] - 15 TCP 192.168.1.100:3515 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net][PLAIN TEXT (GET /S2/enGB/client/regions)] - 16 TCP 192.168.1.100:3521 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net][PLAIN TEXT (GET /S2/enGB/client/regions)] - 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/481 bytes <-> 4 pkts/733 bytes][Host: nydus.battle.net][PLAIN TEXT (GET /S2/enGB/client/feed/homepa)] - 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/483 bytes <-> 4 pkts/725 bytes][Host: nydus.battle.net][PLAIN TEXT (GET /S2/enGB/client/feed/live)] - 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][5 pkts/482 bytes <-> 4 pkts/497 bytes][Host: eu.launcher.battle.net][PLAIN TEXT (GET /service/s2/alert/en)] - 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][cat: Game/8][6 pkts/376 bytes <-> 7 pkts/526 bytes] - 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 pkts/513 bytes][Host: us.scan.worldofwarcraft.com][PLAIN TEXT (GET /update/Launcher.txt HTTP/1)] - 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (bnetcmsus)] - 23 UDP 173.194.40.22:443 
<-> 192.168.1.100:53568 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes] - 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 110.212.58.216.in-addr.arpa] - 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com][PLAIN TEXT (blizzard)] - 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 100.1.168.192.in-addr.arpa][PLAIN TEXT (dynect)] - 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 26.186.239.80.in-addr.arpa][PLAIN TEXT (signup)] - 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7.7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7.7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)] - 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net][PLAIN TEXT (battle)] - 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 34 TCP 192.168.1.100:3482 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 35 TCP 192.168.1.100:3489 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 36 TCP 192.168.1.100:3490 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 
37 TCP 192.168.1.100:3491 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/TLS.Github][cat: Collaborative/15][2 pkts/145 bytes <-> 1 pkts/89 bytes] - 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/120 bytes] - 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/124 bytes][Host: 40.186.239.80.in-addr.arpa][PLAIN TEXT (attens)] - 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes] - 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes] - 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes] - 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes] - 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes] - 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes] - 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes] - 50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] - 51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] - 52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] + 1 TCP 
192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][cat: Web/5][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Host: llnw.blizzard.com][pktlen c2s avg(stddev)/entropy: 5.0(56.2)/19.6][pktlen s2c avg(stddev)/entropy: 4.9(1451.1)/290.7][bytes ratio: -0.92][PLAIN TEXT (GET /sc)] + 2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][pktlen c2s avg(stddev)/entropy: 4.9(72.7)/27.5][pktlen s2c avg(stddev)/entropy: 3.8(460.9)/593.0][bytes ratio: -0.64][PLAIN TEXT (matteobracci1@gmail.com)] + 3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 3.7(64.7)/37.1][pktlen s2c avg(stddev)/entropy: 4.6(1402.4)/386.6][bytes ratio: -0.95][PLAIN TEXT (GET /cms/bnet)] + 4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 3.3(68.6)/42.6][pktlen s2c avg(stddev)/entropy: 4.0(1352.8)/456.0][bytes ratio: -0.94][PLAIN TEXT (GET /cms/bnet)] + 5 TCP 192.168.1.100:3529 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 3.3(68.4)/41.8][pktlen s2c avg(stddev)/entropy: 4.0(1352.8)/456.0][bytes ratio: -0.94][PLAIN TEXT (GET /cms/bnet)] + 6 TCP 192.168.1.100:3530 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 3.3(68.4)/41.8][pktlen s2c avg(stddev)/entropy: 4.0(1352.8)/456.0][bytes ratio: -0.94][PLAIN TEXT (GET /cms/bnet)] + 7 TCP 192.168.1.100:3531 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 3.3(68.4)/41.8][pktlen s2c avg(stddev)/entropy: 
4.0(1352.8)/456.0][bytes ratio: -0.94][PLAIN TEXT (GET /cms/bnet)] + 8 UDP 192.168.1.254:38605 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][11 pkts/4984 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.5(453.1)/30.1][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (osNOTIFY )] + 9 TCP 192.168.1.100:3525 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/545 bytes <-> 6 pkts/3388 bytes][Host: eu.battle.net][pktlen c2s avg(stddev)/entropy: 2.2(90.8)/77.1][pktlen s2c avg(stddev)/entropy: 1.6(564.7)/672.6][bytes ratio: -0.72][PLAIN TEXT (GET /sc)] + 10 TCP 192.168.1.100:3526 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/547 bytes <-> 5 pkts/3139 bytes][Host: eu.battle.net][pktlen c2s avg(stddev)/entropy: 2.2(91.2)/77.9][pktlen s2c avg(stddev)/entropy: 1.3(627.8)/695.8][bytes ratio: -0.70][PLAIN TEXT (GET /sc)] + 11 TCP 192.168.1.100:3516 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 6 pkts/3131 bytes][Host: eu.launcher.battle.net][pktlen c2s avg(stddev)/entropy: 2.2(91.5)/78.6][pktlen s2c avg(stddev)/entropy: 1.5(521.8)/654.3][bytes ratio: -0.70][PLAIN TEXT (GET /service/s2/regions)] + 12 TCP 192.168.1.100:3522 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 5 pkts/3071 bytes][Host: eu.launcher.battle.net][pktlen c2s avg(stddev)/entropy: 2.2(91.5)/78.6][pktlen s2c avg(stddev)/entropy: 1.4(614.2)/680.1][bytes ratio: -0.70][PLAIN TEXT (GET /service/s2/regions)] + 13 TCP 192.168.1.100:3506 <-> 173.194.113.224:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/632 bytes <-> 4 pkts/667 bytes][Host: www.google-analytics.com][pktlen c2s avg(stddev)/entropy: 1.7(126.4)/138.9][pktlen s2c avg(stddev)/entropy: 1.3(166.8)/181.4][bytes ratio: -0.03][PLAIN TEXT (POST /collect HTTP/1.1)] + 14 TCP 192.168.1.100:3518 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/473 bytes <-> 4 pkts/753 bytes][Host: nydus.battle.net][pktlen c2s avg(stddev)/entropy: 
2.4(78.8)/50.4][pktlen s2c avg(stddev)/entropy: 1.2(188.2)/222.1][bytes ratio: -0.23][PLAIN TEXT (GET /S2/enGB/client/alert)] + 15 TCP 192.168.1.100:3515 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net][pktlen c2s avg(stddev)/entropy: 2.4(79.2)/51.1][pktlen s2c avg(stddev)/entropy: 1.2(187.2)/220.4][bytes ratio: -0.22][PLAIN TEXT (GET /S2/enGB/client/regions)] + 16 TCP 192.168.1.100:3521 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net][pktlen c2s avg(stddev)/entropy: 2.4(79.2)/51.1][pktlen s2c avg(stddev)/entropy: 1.2(187.2)/220.4][bytes ratio: -0.22][PLAIN TEXT (GET /S2/enGB/client/regions)] + 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/481 bytes <-> 4 pkts/733 bytes][Host: nydus.battle.net][pktlen c2s avg(stddev)/entropy: 2.3(80.2)/53.3][pktlen s2c avg(stddev)/entropy: 1.2(183.2)/213.5][bytes ratio: -0.21][PLAIN TEXT (GET /S2/enGB/client/feed/homepa)] + 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/483 bytes <-> 4 pkts/725 bytes][Host: nydus.battle.net][pktlen c2s avg(stddev)/entropy: 2.3(80.5)/54.1][pktlen s2c avg(stddev)/entropy: 1.2(181.2)/210.0][bytes ratio: -0.20][PLAIN TEXT (GET /S2/enGB/client/feed/live)] + 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][5 pkts/482 bytes <-> 4 pkts/497 bytes][Host: eu.launcher.battle.net][pktlen c2s avg(stddev)/entropy: 1.9(96.4)/78.9][pktlen s2c avg(stddev)/entropy: 1.5(124.2)/111.3][bytes ratio: -0.02][PLAIN TEXT (GET /service/s2/alert/en)] + 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][cat: Game/8][6 pkts/376 bytes <-> 7 pkts/526 bytes][pktlen c2s avg(stddev)/entropy: 2.6(62.7)/8.8][pktlen s2c avg(stddev)/entropy: 2.7(75.1)/32.8][bytes ratio: -0.17] + 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 
pkts/513 bytes][Host: us.scan.worldofwarcraft.com][pktlen c2s avg(stddev)/entropy: 2.2(73.4)/33.1][pktlen s2c avg(stddev)/entropy: 1.5(128.2)/114.8][bytes ratio: -0.17][PLAIN TEXT (GET /update/Launcher.txt HTTP/1)] + 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 1.0(84.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(194.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (bnetcmsus)] + 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes][pktlen c2s avg(stddev)/entropy: 1.6(81.0)/2.8][pktlen s2c avg(stddev)/entropy: 1.6(77.3)/8.0][bytes ratio: 0.02] + 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 110.212.58.216.in-addr.arpa][pktlen c2s avg(stddev)/entropy: 1.0(86.5)/0.5][pktlen s2c avg(stddev)/entropy: 1.0(141.0)/16.0][bytes ratio: -0.24] + 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com][pktlen c2s avg(stddev)/entropy: 1.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(144.0)/0.0][bytes ratio: -0.30][PLAIN TEXT (blizzard)] + 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 100.1.168.192.in-addr.arpa][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(130.0)/24.0][bytes ratio: -0.20][PLAIN TEXT (dynect)] + 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 26.186.239.80.in-addr.arpa][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(122.5)/36.5][bytes ratio: -0.18][PLAIN TEXT (signup)] + 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7.7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 
pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 1.3(106.7)/66.2][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.66][PLAIN TEXT (GET /cms/bnet)] + 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7.7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][pktlen c2s avg(stddev)/entropy: 1.3(106.7)/66.2][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.66][PLAIN TEXT (GET /cms/bnet)] + 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net][pktlen c2s avg(stddev)/entropy: 1.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(92.0)/0.0][bytes ratio: -0.10][PLAIN TEXT (battle)] + 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 34 TCP 192.168.1.100:3482 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 35 TCP 192.168.1.100:3489 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 36 TCP 192.168.1.100:3490 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 
pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 37 TCP 192.168.1.100:3491 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.9(83.5)/23.5][bytes ratio: -0.21] + 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/TLS.Github][cat: Collaborative/15][2 pkts/145 bytes <-> 1 pkts/89 bytes][pktlen c2s avg(stddev)/entropy: 1.0(72.5)/12.5][pktlen s2c avg(stddev)/entropy: 0.0(89.0)/0.0][bytes ratio: 0.24] + 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/120 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(60.0)/0.0][bytes ratio: -0.05] + 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/124 bytes][Host: 40.186.239.80.in-addr.arpa][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(124.0)/0.0][bytes ratio: -0.18][PLAIN TEXT (attens)] + 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: 0.29] + 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(55.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: -0.09] + 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes][pktlen 
c2s avg(stddev)/entropy: 0.0(55.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: -0.09] + 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 0.0(44.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: -0.15] + 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 0.0(44.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: -0.15] + 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 0.0(43.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: -0.17] + 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes][pktlen c2s avg(stddev)/entropy: 0.0(43.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(60.0)/0.0][bytes ratio: -0.17] + 50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] 
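Review bot: The new expected output records `0.0(nan)/0.0` for every flow with no reverse traffic (flows 8, 45, 50, 51 and 52 here; the ssdp-m-search, tor and ubntac2 results show the same), so a not-a-number value is being pinned as correct output. The parenthesised slot appears to hold the mean, which suggests a 0/0 when no packet was recorded for that direction; the helper is outside this hunk, so that cause is inferred. How NaN is printed (`nan` or `-nan`) can differ between C libraries, which may make these baselines fail on other platforms, and consumers that parse the field as a number will choke on it. Consider returning 0 from the average when no samples were added, or omitting the `pktlen s2c` field when that direction has 0 pkts, and then regenerating the result files.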
diff --git a/tests/result/teredo.pcap.out b/tests/result/teredo.pcap.out index 24be9ebb2..d2a1937ad 100644 --- a/tests/result/teredo.pcap.out +++ b/tests/result/teredo.pcap.out 
@@ -1,7 +1,7 @@ Teredo 24 2574 5 - 1 UDP 10.112.16.67:51812 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][10 pkts/930 bytes <-> 4 pkts/374 bytes] - 2 UDP 10.112.16.106:52513 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][2 pkts/206 bytes <-> 2 pkts/302 bytes] - 3 UDP 10.112.16.64:56154 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] - 4 UDP 10.112.16.89:60381 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] - 5 UDP 10.112.16.92:63448 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] + 1 UDP 10.112.16.67:51812 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][10 pkts/930 bytes <-> 4 pkts/374 bytes][pktlen c2s avg(stddev)/entropy: 3.3(93.0)/3.7][pktlen s2c avg(stddev)/entropy: 2.0(93.5)/2.1][bytes ratio: 0.43] + 2 UDP 10.112.16.106:52513 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][2 pkts/206 bytes <-> 2 pkts/302 bytes][pktlen c2s avg(stddev)/entropy: 1.0(103.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(151.0)/0.0][bytes ratio: -0.19] + 3 UDP 10.112.16.64:56154 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes][pktlen c2s avg(stddev)/entropy: 0.0(103.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(151.0)/0.0][bytes ratio: -0.19] + 4 UDP 10.112.16.89:60381 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes][pktlen c2s avg(stddev)/entropy: 0.0(103.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(151.0)/0.0][bytes ratio: -0.19] + 5 UDP 10.112.16.92:63448 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes][pktlen c2s avg(stddev)/entropy: 0.0(103.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(151.0)/0.0][bytes ratio: -0.19] diff --git a/tests/result/tinc.pcap.out b/tests/result/tinc.pcap.out index 424f44d8a..7aca67227 100644 
--- a/tests/result/tinc.pcap.out +++ b/tests/result/tinc.pcap.out @@ -1,6 +1,6 @@ TINC 317 352291 4 - 1 UDP 185.83.218.112:55656 <-> 131.114.168.27:55656 [proto: 209/TINC][cat: VPN/2][29 pkts/30038 bytes <-> 105 pkts/139726 bytes][PLAIN TEXT (E@zUIs1)] - 2 UDP 131.114.168.27:55655 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][101 pkts/136966 bytes <-> 29 pkts/32550 bytes][PLAIN TEXT (Cr64lS)] - 3 TCP 131.114.168.27:49290 <-> 185.83.218.112:55656 [proto: 209/TINC][cat: VPN/2][14 pkts/3812 bytes <-> 13 pkts/3098 bytes][PLAIN TEXT (1 94 64 0 0 5861ABF)] - 4 TCP 131.114.168.27:59244 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][15 pkts/3169 bytes <-> 11 pkts/2932 bytes][PLAIN TEXT (1 429 672 0 0 2)] + 1 UDP 185.83.218.112:55656 <-> 131.114.168.27:55656 [proto: 209/TINC][cat: VPN/2][29 pkts/30038 bytes <-> 105 pkts/139726 bytes][pktlen c2s avg(stddev)/entropy: 4.6(1035.8)/544.4][pktlen s2c avg(stddev)/entropy: 4.8(1330.7)/412.4][bytes ratio: -0.65][PLAIN TEXT (E@zUIs1)] + 2 UDP 131.114.168.27:55655 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][101 pkts/136966 bytes <-> 29 pkts/32550 bytes][pktlen c2s avg(stddev)/entropy: 4.8(1356.1)/400.1][pktlen s2c avg(stddev)/entropy: 4.6(1122.4)/533.9][bytes ratio: 0.62][PLAIN TEXT (Cr64lS)] + 3 TCP 131.114.168.27:49290 <-> 185.83.218.112:55656 [proto: 209/TINC][cat: VPN/2][14 pkts/3812 bytes <-> 13 pkts/3098 bytes][pktlen c2s avg(stddev)/entropy: 2.7(272.3)/380.0][pktlen s2c avg(stddev)/entropy: 2.6(238.3)/362.6][bytes ratio: 0.10][PLAIN TEXT (1 94 64 0 0 5861ABF)] + 4 TCP 131.114.168.27:59244 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][15 pkts/3169 bytes <-> 11 pkts/2932 bytes][pktlen c2s avg(stddev)/entropy: 2.7(211.3)/345.2][pktlen s2c avg(stddev)/entropy: 2.4(266.5)/387.3][bytes ratio: 0.04][PLAIN TEXT (1 429 672 0 0 2)] diff --git a/tests/result/tor.pcap.out b/tests/result/tor.pcap.out index 601cacc4c..e58bf3d1a 100644 --- a/tests/result/tor.pcap.out +++ b/tests/result/tor.pcap.out 
@@ -9,14 +9,14 @@ JA3 Host Stats: 1 192.168.1.252 1 - 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][TLSv1][client: www.jmts2id.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][server: www.gg562izcxdvqdk.com][JA3S: e1691a31bfe345d2692da75636ddfb00][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][PLAIN TEXT (id.com)] - 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][TLSv1][client: www.q4cyamnc6mtokjurvdclt.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (cyamnc6)] - 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][TLSv1][client: www.ct7ctrgb6cr7.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (www.ct7)] - 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][TLSv1][client: www.gfu7hbxpfp.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][server: www.xkgk7fdx362yyyxib.com][JA3S: 184d532a16876b78846ae6a03f654890][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][PLAIN TEXT (www.gfu)] - 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][TLSv1][client: www.e6r5p57kbafwrxj3plz.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (57kbafwrx)] - 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][TLSv1][client: www.t3i3ru.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (ru.com)] - 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][TLSv1][client: www.6gyip7tqim7sieb.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (sieb.com)] - 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 
676879976)] - 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Endian)] - 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EFEOEEEJEBEOCNFAEDCACACACACACA)] - 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][pktlen c2s avg(stddev)/entropy: 4.1(261.7)/348.8][pktlen s2c avg(stddev)/entropy: 4.4(1175.6)/544.1][bytes ratio: -0.76][TLSv1][client: www.jmts2id.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][server: www.gg562izcxdvqdk.com][JA3S: e1691a31bfe345d2692da75636ddfb00][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][PLAIN TEXT (id.com)] + 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][pktlen c2s avg(stddev)/entropy: 4.0(251.7)/354.5][pktlen s2c avg(stddev)/entropy: 4.5(1247.8)/507.1][bytes ratio: -0.79][TLSv1][client: www.q4cyamnc6mtokjurvdclt.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (cyamnc6)] + 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][pktlen c2s avg(stddev)/entropy: 4.3(366.4)/349.5][pktlen s2c avg(stddev)/entropy: 4.3(580.0)/568.1][bytes ratio: -0.34][TLSv1][client: www.ct7ctrgb6cr7.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (www.ct7)] + 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][pktlen c2s avg(stddev)/entropy: 3.5(322.9)/270.5][pktlen s2c avg(stddev)/entropy: 3.5(334.8)/384.8][bytes ratio: -0.12][TLSv1][client: www.gfu7hbxpfp.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][server: www.xkgk7fdx362yyyxib.com][JA3S: 184d532a16876b78846ae6a03f654890][Cipher: 
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][PLAIN TEXT (www.gfu)] + 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][pktlen c2s avg(stddev)/entropy: 3.4(303.6)/266.5][pktlen s2c avg(stddev)/entropy: 3.3(349.1)/398.3][bytes ratio: -0.13][TLSv1][client: www.e6r5p57kbafwrxj3plz.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (57kbafwrx)] + 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][pktlen c2s avg(stddev)/entropy: 3.3(230.7)/242.6][pktlen s2c avg(stddev)/entropy: 3.3(421.2)/402.9][bytes ratio: -0.29][TLSv1][client: www.t3i3ru.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (ru.com)] + 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][pktlen c2s avg(stddev)/entropy: 3.2(242.3)/246.7][pktlen s2c avg(stddev)/entropy: 3.1(430.5)/415.8][bytes ratio: -0.25][TLSv1][client: www.6gyip7tqim7sieb.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (sieb.com)] + 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.3(186.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 676879976)] + 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(151.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (Endian)] + 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(252.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EFEOEEEJEBEOCNFAEDCACACACACACA)] + 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 
bytes][pktlen c2s avg(stddev)/entropy: 0.0(60.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/ubntac2.pcap.out b/tests/result/ubntac2.pcap.out index 8eb985855..5f9f9eaae 100644 --- a/tests/result/ubntac2.pcap.out +++ b/tests/result/ubntac2.pcap.out 
@@ -1,10 +1,10 @@ UBNTAC2 8 1736 8 - 1 UDP 192.168.1.1:34085 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 2 UDP 192.168.1.1:42838 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 3 UDP 192.168.1.1:44641 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 4 UDP 192.168.1.1:47746 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 5 UDP 192.168.1.1:47871 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 6 UDP 192.168.1.1:52220 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 7 UDP 192.168.1.1:55321 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] - 8 UDP 192.168.1.1:59772 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][PLAIN TEXT (UniFiSecurityGateway.ER)] + 1 UDP 192.168.1.1:34085 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s 
avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 2 UDP 192.168.1.1:42838 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 3 UDP 192.168.1.1:44641 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 4 UDP 192.168.1.1:47746 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 5 UDP 192.168.1.1:47871 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 6 UDP 192.168.1.1:52220 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 7 UDP 192.168.1.1:55321 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s 
avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] + 8 UDP 192.168.1.1:59772 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4.3.33.4936086.161203.2031][pktlen c2s avg(stddev)/entropy: 0.0(217.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (UniFiSecurityGateway.ER)] diff --git a/tests/result/upnp.pcap.out b/tests/result/upnp.pcap.out index 34f047ddb..bd80ed844 100644 --- a/tests/result/upnp.pcap.out +++ b/tests/result/upnp.pcap.out @@ -1,4 +1,4 @@ UPnP 14 9912 2 - 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes][PLAIN TEXT (xml version)] - 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes][PLAIN TEXT (xml version)] + 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.8(718.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (xml version)] + 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.8(698.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (xml version)] diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index f14526bca..d8936b801 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out 
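Review bot: The expected values in this hunk do not match their labels: for `1 pkts/217 bytes` the slot labelled `(stddev)` holds `217.0`, which is bytes divided by packets, i.e. the average of a single sample rather than a deviation. The same holds in the upnp, viber, vnc and waze hunks (viber flow 1: 4571/43 = 106.3), so the numbers appear to be printed as entropy, average, stddev under the label `avg(stddev)/entropy`. Passing the arguments in label order in the printing code, `ndpi_data_average(flow->pktlen_c_to_s), ndpi_data_stddev(flow->pktlen_c_to_s), ndpi_data_entropy(flow->pktlen_c_to_s)` and likewise for `pktlen_s_to_c`, and then regenerating these files would stop the golden output from pinning the swapped fields that anyone reading it for traffic analysis would rely on. Directions with `0 pkts/0 bytes` are recorded as `nan`; the printed form of NaN can differ between C libraries, so these expectations may not compare equal on every platform, and printing `0.0` when no packet was seen would avoid that.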
@@ -14,29 +14,29 @@ JA3 Host Stats: 1 192.168.0.17 2 - 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/TLS.Viber][cat: VoIP/10][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][TLSv1.2][client: dl-media.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][organization: Viber Media Sarl][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/TLS.Viber][cat: VoIP/10][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][TLSv1.2][client: media.cdn.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.cdn.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][organization: Viber Media Sarl][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91.178/TLS.Amazon][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][TLSv1.2][client: brahe.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][cat: VoIP/10][32 pkts/6563 bytes <-> 26 pkts/2782 bytes] - 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][TLSv1.2][client: app-measurement.com][JA3C: 3967ff2d2c9c4d144e7e30f24f4e9761][JA3S: 67619a80665d7ab92d1041b1d11f9164][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][TLSv1.2][client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91.137/TLS.GenericProtocol][cat: Media/1][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][TLSv1.2][client: 
venetia.iad.appboy.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: y.ssl.fastly.net][JA3S: 860fcf58fd757e26aa8911e5eaff6b53][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][TLSv1.2][client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: VoIP/10][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][PLAIN TEXT (Android)] - 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: VoIP/10][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][PLAIN TEXT (Android)] - 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes][PLAIN TEXT (1234567890ABCDEFGHIJKLMNOPQ)] - 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com][PLAIN TEXT (apptimize)] - 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes] - 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes][PLAIN TEXT (805741C)] - 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com][PLAIN TEXT (adjust)] - 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com][PLAIN TEXT (facebook)] - 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com][PLAIN TEXT 
(venetia)] - 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: VoIP/10][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com][PLAIN TEXT (cloudfront)] - 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: VoIP/10][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com][PLAIN TEXT (cloudfront)] - 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] - 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com][PLAIN TEXT (measurement)] - 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com][PLAIN TEXT (google)] - 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes] - 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/TLS.Viber][cat: VoIP/10][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][pktlen c2s avg(stddev)/entropy: 4.4(106.3)/151.1][pktlen s2c avg(stddev)/entropy: 4.9(1306.2)/466.3][bytes ratio: -0.86][TLSv1.2][client: dl-media.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][organization: Viber Media Sarl][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/TLS.Viber][cat: VoIP/10][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][pktlen c2s avg(stddev)/entropy: 3.1(154.0)/138.2][pktlen s2c avg(stddev)/entropy: 3.0(776.4)/635.3][bytes ratio: -0.67][TLSv1.2][client: media.cdn.viber.com][JA3C: 
d8c87b9bfde38897979e41242626c2f3][server: *.cdn.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][organization: Viber Media Sarl][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91.178/TLS.Amazon][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][pktlen c2s avg(stddev)/entropy: 2.5(217.2)/380.1][pktlen s2c avg(stddev)/entropy: 2.9(468.0)/569.8][bytes ratio: -0.40][TLSv1.2][client: brahe.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][cat: VoIP/10][32 pkts/6563 bytes <-> 26 pkts/2782 bytes][pktlen c2s avg(stddev)/entropy: 4.5(205.1)/184.2][pktlen s2c avg(stddev)/entropy: 4.6(107.0)/42.7][bytes ratio: 0.40] + 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][pktlen c2s avg(stddev)/entropy: 3.1(355.9)/369.7][pktlen s2c avg(stddev)/entropy: 3.0(286.3)/257.9][bytes ratio: 0.22][TLSv1.2][client: app-measurement.com][JA3C: 3967ff2d2c9c4d144e7e30f24f4e9761][JA3S: 67619a80665d7ab92d1041b1d11f9164][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][pktlen c2s avg(stddev)/entropy: 3.1(130.6)/111.7][pktlen s2c avg(stddev)/entropy: 2.7(582.9)/601.3][bytes ratio: -0.63][TLSv1.2][client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91.137/TLS.GenericProtocol][cat: Media/1][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][pktlen c2s avg(stddev)/entropy: 2.7(153.4)/169.0][pktlen s2c avg(stddev)/entropy: 2.6(693.2)/615.5][bytes ratio: -0.61][TLSv1.2][client: 
venetia.iad.appboy.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: y.ssl.fastly.net][JA3S: 860fcf58fd757e26aa8911e5eaff6b53][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][pktlen c2s avg(stddev)/entropy: 3.1(132.9)/110.8][pktlen s2c avg(stddev)/entropy: 2.6(560.3)/605.1][bytes ratio: -0.62][TLSv1.2][client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: VoIP/10][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][pktlen c2s avg(stddev)/entropy: 4.3(209.8)/115.2][pktlen s2c avg(stddev)/entropy: 4.4(104.6)/19.6][bytes ratio: 0.37][PLAIN TEXT (Android)] + 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: VoIP/10][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][pktlen c2s avg(stddev)/entropy: 4.3(173.8)/120.4][pktlen s2c avg(stddev)/entropy: 4.1(104.0)/19.8][bytes ratio: 0.40][PLAIN TEXT (Android)] + 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes][pktlen c2s avg(stddev)/entropy: 0.0(1514.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(1514.0)/0.0][bytes ratio: 0.00][PLAIN TEXT (1234567890ABCDEFGHIJKLMNOPQ)] + 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(373.0)/0.0][bytes ratio: -0.65][PLAIN TEXT (apptimize)] + 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes][pktlen c2s avg(stddev)/entropy: 2.0(68.0)/3.5][pktlen s2c avg(stddev)/entropy: 1.0(70.0)/4.0][bytes ratio: 0.32] + 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 
91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes][pktlen c2s avg(stddev)/entropy: 2.0(68.0)/3.5][pktlen s2c avg(stddev)/entropy: 1.0(70.0)/4.0][bytes ratio: 0.32] + 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(103.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (805741C)] + 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(303.0)/0.0][bytes ratio: -0.61][PLAIN TEXT (adjust)] + 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(203.0)/0.0][bytes ratio: -0.44][PLAIN TEXT (facebook)] + 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(183.0)/0.0][bytes ratio: -0.38][PLAIN TEXT (venetia)] + 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: VoIP/10][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(185.0)/0.0][bytes ratio: -0.40][PLAIN TEXT (cloudfront)] + 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: VoIP/10][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com][pktlen c2s avg(stddev)/entropy: 0.0(78.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(185.0)/0.0][bytes ratio: -0.41][PLAIN TEXT (cloudfront)] + 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 
bytes][pktlen c2s avg(stddev)/entropy: 1.0(65.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(64.0)/0.0][bytes ratio: 0.34] + 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(95.0)/0.0][bytes ratio: -0.09][PLAIN TEXT (measurement)] + 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(90.0)/0.0][bytes ratio: -0.10][PLAIN TEXT (google)] + 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(62.0)/0.0][bytes ratio: 0.10] + 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(62.0)/0.0][bytes ratio: 0.10] diff --git a/tests/result/vnc.pcap.out b/tests/result/vnc.pcap.out index a33b43ef6..77e71fa12 100644 --- a/tests/result/vnc.pcap.out +++ b/tests/result/vnc.pcap.out 
@@ -1,4 +1,4 @@ VNC 4551 329158 2 - 1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes][PLAIN TEXT (ws57U@4.00)] - 2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes] + 1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes][pktlen c2s avg(stddev)/entropy: 5.0(80.1)/5.3][pktlen s2c avg(stddev)/entropy: 5.0(54.3)/2.7][bytes ratio: 0.55][PLAIN TEXT (ws57U@4.00)] + 2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes][pktlen c2s avg(stddev)/entropy: 5.0(80.3)/4.7][pktlen s2c avg(stddev)/entropy: 5.0(54.7)/4.2][bytes ratio: 0.51] diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index 796571eb3..d241bc5ac 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out 
@@ -11,39 +11,39 @@ JA3 Host Stats: 1 10.8.0.1 2 - 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net][PLAIN TEXT (GET /xtra)] - 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: 
Web/5][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com][PLAIN TEXT (GET /images/HD/CH)] - 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91.126/TLS.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA3S: 
23f1f6e2f0015c166df49fdab4280370 (INSECURE)][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA] - 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][PLAIN TEXT (GET /lang)] - 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes][PLAIN TEXT (Android)] - 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][PLAIN TEXT (GET /newV)] - 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][PLAIN TEXT (GET /lang)] - 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][PLAIN TEXT (GET /langs/1.0/lang.portuguese)] - 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com][PLAIN TEXT (GET /newV)] - 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com][PLAIN TEXT (GET /shields)] - 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 
[proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][pktlen c2s avg(stddev)/entropy: 4.6(208.8)/183.0][pktlen s2c avg(stddev)/entropy: 3.1(1360.9)/3378.1][bytes ratio: -0.75][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net][pktlen c2s avg(stddev)/entropy: 4.0(68.9)/58.6][pktlen s2c avg(stddev)/entropy: 3.4(3438.7)/3467.6][bytes ratio: -0.96][PLAIN TEXT (GET /xtra)] + 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][pktlen c2s avg(stddev)/entropy: 3.5(115.4)/132.3][pktlen s2c avg(stddev)/entropy: 2.4(3558.4)/6124.9][bytes ratio: -0.93][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][pktlen c2s avg(stddev)/entropy: 3.4(128.0)/147.3][pktlen s2c avg(stddev)/entropy: 2.6(2829.5)/3901.4][bytes ratio: -0.90][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][15 
pkts/1540 bytes <-> 13 pkts/26346 bytes][pktlen c2s avg(stddev)/entropy: 3.4(102.7)/98.2][pktlen s2c avg(stddev)/entropy: 2.6(2026.6)/2611.7][bytes ratio: -0.89][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][pktlen c2s avg(stddev)/entropy: 3.7(139.3)/140.6][pktlen s2c avg(stddev)/entropy: 2.6(518.8)/938.6][bytes ratio: -0.56][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][pktlen c2s avg(stddev)/entropy: 2.7(129.2)/86.6][pktlen s2c avg(stddev)/entropy: 1.4(1018.9)/1610.4][bytes ratio: -0.77][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][pktlen c2s avg(stddev)/entropy: 3.2(106.8)/85.4][pktlen s2c avg(stddev)/entropy: 2.7(594.6)/584.3][bytes ratio: -0.67][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][pktlen c2s avg(stddev)/entropy: 3.1(111.6)/87.6][pktlen s2c avg(stddev)/entropy: 2.4(648.7)/739.4][bytes ratio: -0.68][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: 
Web/5][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][pktlen c2s avg(stddev)/entropy: 3.1(137.5)/123.8][pktlen s2c avg(stddev)/entropy: 1.8(411.2)/874.8][bytes ratio: -0.50][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][pktlen c2s avg(stddev)/entropy: 3.1(126.8)/106.9][pktlen s2c avg(stddev)/entropy: 2.1(383.6)/639.7][bytes ratio: -0.47][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][pktlen c2s avg(stddev)/entropy: 3.1(114.5)/94.6][pktlen s2c avg(stddev)/entropy: 1.8(490.3)/785.4][bytes ratio: -0.56][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][pktlen c2s avg(stddev)/entropy: 2.8(131.6)/107.7][pktlen s2c avg(stddev)/entropy: 1.9(485.4)/725.4][bytes ratio: -0.57][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com][pktlen c2s avg(stddev)/entropy: 3.1(65.7)/26.0][pktlen s2c avg(stddev)/entropy: 1.6(428.0)/650.9][bytes ratio: -0.71][PLAIN TEXT (GET /images/HD/CH)] + 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91.126/TLS.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][pktlen c2s avg(stddev)/entropy: 
2.2(162.4)/176.8][pktlen s2c avg(stddev)/entropy: 1.8(167.5)/200.3][bytes ratio: 0.06][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA3S: 23f1f6e2f0015c166df49fdab4280370 (INSECURE)][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA] + 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][pktlen c2s avg(stddev)/entropy: 2.8(74.2)/45.7][pktlen s2c avg(stddev)/entropy: 2.1(110.1)/137.5][bytes ratio: -0.13][PLAIN TEXT (GET /lang)] + 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes][pktlen c2s avg(stddev)/entropy: 2.8(84.1)/53.4][pktlen s2c avg(stddev)/entropy: 2.5(95.4)/66.5][bytes ratio: 0.00][PLAIN TEXT (Android)] + 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][pktlen c2s avg(stddev)/entropy: 2.6(79.6)/54.1][pktlen s2c avg(stddev)/entropy: 2.1(110.1)/137.5][bytes ratio: -0.16][PLAIN TEXT (GET /newV)] + 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][pktlen c2s avg(stddev)/entropy: 2.6(79.3)/53.4][pktlen s2c avg(stddev)/entropy: 2.1(110.1)/137.5][bytes ratio: -0.16][PLAIN TEXT (GET /lang)] + 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][pktlen c2s avg(stddev)/entropy: 2.6(78.9)/52.3][pktlen s2c avg(stddev)/entropy: 2.1(110.1)/137.5][bytes ratio: -0.17][PLAIN TEXT (GET /langs/1.0/lang.portuguese)] + 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com][pktlen c2s avg(stddev)/entropy: 2.6(78.6)/51.7][pktlen s2c avg(stddev)/entropy: 2.1(109.9)/136.8][bytes ratio: -0.17][PLAIN TEXT (GET /newV)] + 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 
7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com][pktlen c2s avg(stddev)/entropy: 2.6(79.0)/52.7][pktlen s2c avg(stddev)/entropy: 2.1(104.7)/124.2][bytes ratio: -0.14][PLAIN TEXT (GET /shields)] + 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/6.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.05] + 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/6.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.05] + 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/6.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.05] + 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/6.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.05] + 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(60.0)/6.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.05] + 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.00] + 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.00] + 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen 
s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.00] + 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.00] + 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(90.0)/0.0][bytes ratio: 0.00] Undetected flows: - 1 TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 0/Unknown][8 pkts/678 bytes <-> 2 pkts/108 bytes] + 1 TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 0/Unknown][8 pkts/678 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 3.0(84.8)/10.8][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.73] diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out index bd80b8122..52c1f672c 100644 --- a/tests/result/webex.pcap.out +++ b/tests/result/webex.pcap.out 
@@ -10,60 +10,60 @@ JA3 Host Stats: 1 10.8.0.1 6 - 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][server: *.webex.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][organization: Cisco Systems, Inc.][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][TLSv1][JA3C: 
7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes][PLAIN TEXT (REGISTER sip)] - 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91.178/TLS.Amazon][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][TLSv1][client: api.crittercism.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: *.crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 
15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 22 TCP 10.8.0.1:55671 <-> 
173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][TLSv1.2][client: ssl.google-analytics.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1][server: *.google-analytics.com][JA3S: 389ed42c02ebecc32e73aa31def07e14][organization: Google Inc][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/895 bytes <-> 8 pkts/4398 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: www.webex.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: 
TLS_RSA_WITH_AES_256_CBC_SHA] - 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/461 bytes <-> 6 pkts/4231 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/407 bytes <-> 5 pkts/4177 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1465 bytes <-> 11 pkts/1065 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1388 bytes <-> 10 pkts/1087 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 34 TCP 10.8.0.1:33554 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com][PLAIN TEXT (POST /j)] - 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 37 TCP 
10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com][PLAIN TEXT (POST /j)] - 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes] - 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/501 bytes <-> 4 pkts/216 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 44 TCP 10.8.0.1:41757 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 45 TCP 10.8.0.1:47135 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 46 TCP 10.8.0.1:51134 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 47 TCP 10.8.0.1:51135 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 
bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 48 TCP 10.8.0.1:51676 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 49 TCP 10.8.0.1:33511 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][4 pkts/452 bytes <-> 4 pkts/216 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333] - 50 TCP 10.8.0.1:51833 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] - 51 TCP 10.8.0.1:51839 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] - 52 TCP 10.8.0.1:41726 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/299 bytes <-> 4 pkts/216 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 53 TCP 10.8.0.1:51195 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][3 pkts/245 bytes <-> 2 pkts/108 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][3 pkts/209 bytes <-> 2 pkts/108 bytes] - 55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][2 pkts/128 bytes <-> 1 pkts/54 bytes] - 56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes] - 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes] + 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][pktlen c2s avg(stddev)/entropy: 5.0(57.4)/36.0][pktlen s2c avg(stddev)/entropy: 2.7(1281.6)/3034.6][bytes ratio: -0.91][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 10.8.0.1:41348 <-> 
64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][pktlen c2s avg(stddev)/entropy: 4.0(172.0)/205.7][pktlen s2c avg(stddev)/entropy: 3.8(3745.8)/4699.9][bytes ratio: -0.91][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][pktlen c2s avg(stddev)/entropy: 4.3(240.4)/233.4][pktlen s2c avg(stddev)/entropy: 3.5(1716.9)/3587.1][bytes ratio: -0.75][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][server: *.webex.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][organization: Cisco Systems, Inc.][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][pktlen c2s avg(stddev)/entropy: 3.6(105.5)/135.5][pktlen s2c avg(stddev)/entropy: 3.3(2130.4)/2681.8][bytes ratio: -0.91][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][pktlen c2s avg(stddev)/entropy: 2.9(127.6)/150.1][pktlen s2c avg(stddev)/entropy: 2.2(2863.1)/4303.6][bytes ratio: -0.91][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][pktlen c2s avg(stddev)/entropy: 2.9(165.0)/193.3][pktlen s2c avg(stddev)/entropy: 2.4(1864.5)/2710.5][bytes ratio: -0.84][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 
91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][pktlen c2s avg(stddev)/entropy: 4.9(228.8)/153.6][pktlen s2c avg(stddev)/entropy: 5.0(134.1)/546.8][bytes ratio: 0.30][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 4.5(698.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (REGISTER sip)] + 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][pktlen c2s avg(stddev)/entropy: 4.5(157.2)/108.2][pktlen s2c avg(stddev)/entropy: 2.1(276.2)/830.4][bytes ratio: -0.12][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91.178/TLS.Amazon][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][pktlen c2s avg(stddev)/entropy: 3.3(124.0)/148.6][pktlen s2c avg(stddev)/entropy: 2.9(541.7)/614.4][bytes ratio: -0.59][TLSv1][client: api.crittercism.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][server: *.crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][pktlen c2s avg(stddev)/entropy: 2.5(157.4)/178.5][pktlen s2c avg(stddev)/entropy: 1.4(873.0)/1443.8][bytes ratio: -0.66][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 12 TCP 10.8.0.1:41419 <-> 
64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][pktlen c2s avg(stddev)/entropy: 2.2(187.0)/192.5][pktlen s2c avg(stddev)/entropy: 1.3(990.0)/1507.6][bytes ratio: -0.68][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][pktlen c2s avg(stddev)/entropy: 2.5(152.1)/166.2][pktlen s2c avg(stddev)/entropy: 1.8(827.6)/1098.7][bytes ratio: -0.66][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][pktlen c2s avg(stddev)/entropy: 2.5(152.1)/166.2][pktlen s2c avg(stddev)/entropy: 1.9(825.0)/1028.2][bytes ratio: -0.66][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][pktlen c2s avg(stddev)/entropy: 2.3(164.4)/172.4][pktlen s2c avg(stddev)/entropy: 1.9(831.6)/1033.3][bytes ratio: -0.67][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][pktlen c2s avg(stddev)/entropy: 2.2(180.1)/178.9][pktlen s2c avg(stddev)/entropy: 1.3(933.6)/1446.8][bytes ratio: -0.68][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 17 TCP 
10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][pktlen c2s avg(stddev)/entropy: 2.2(180.1)/178.9][pktlen s2c avg(stddev)/entropy: 1.3(933.6)/1446.8][bytes ratio: -0.68][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][pktlen c2s avg(stddev)/entropy: 2.5(152.1)/166.2][pktlen s2c avg(stddev)/entropy: 1.4(648.7)/1254.8][bytes ratio: -0.62][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][pktlen c2s avg(stddev)/entropy: 2.3(164.4)/172.4][pktlen s2c avg(stddev)/entropy: 1.9(723.0)/919.0][bytes ratio: -0.63][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][pktlen c2s avg(stddev)/entropy: 2.9(166.4)/167.4][pktlen s2c avg(stddev)/entropy: 1.9(400.9)/757.6][bytes ratio: -0.45][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][pktlen c2s avg(stddev)/entropy: 2.9(163.5)/167.4][pktlen s2c avg(stddev)/entropy: 1.2(432.5)/1117.3][bytes ratio: -0.45][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 
22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][pktlen c2s avg(stddev)/entropy: 2.9(163.5)/167.4][pktlen s2c avg(stddev)/entropy: 1.2(432.5)/1117.3][bytes ratio: -0.45][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][pktlen c2s avg(stddev)/entropy: 2.9(163.5)/167.4][pktlen s2c avg(stddev)/entropy: 1.2(432.5)/1117.3][bytes ratio: -0.45][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][pktlen c2s avg(stddev)/entropy: 2.6(171.1)/167.6][pktlen s2c avg(stddev)/entropy: 1.2(604.4)/1199.5][bytes ratio: -0.52][TLSv1.2][client: ssl.google-analytics.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1][server: *.google-analytics.com][JA3S: 389ed42c02ebecc32e73aa31def07e14][organization: Google Inc][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/895 bytes <-> 8 pkts/4398 bytes][pktlen c2s avg(stddev)/entropy: 2.7(99.4)/101.1][pktlen s2c avg(stddev)/entropy: 1.5(549.8)/889.3][bytes ratio: -0.66][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][pktlen c2s avg(stddev)/entropy: 2.5(105.1)/105.9][pktlen s2c avg(stddev)/entropy: 0.6(625.1)/1375.1][bytes ratio: -0.68][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 
91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][pktlen c2s avg(stddev)/entropy: 2.5(105.1)/105.9][pktlen s2c avg(stddev)/entropy: 0.6(625.1)/1375.1][bytes ratio: -0.68][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][pktlen c2s avg(stddev)/entropy: 2.2(168.7)/157.6][pktlen s2c avg(stddev)/entropy: 1.3(574.4)/988.7][bytes ratio: -0.55][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: www.webex.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/461 bytes <-> 6 pkts/4231 bytes][pktlen c2s avg(stddev)/entropy: 2.7(65.9)/22.0][pktlen s2c avg(stddev)/entropy: 1.2(705.2)/1054.1][bytes ratio: -0.80][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/407 bytes <-> 5 pkts/4177 bytes][pktlen c2s avg(stddev)/entropy: 2.5(67.8)/23.2][pktlen s2c avg(stddev)/entropy: 0.4(835.4)/1562.8][bytes ratio: -0.82][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1465 bytes <-> 11 pkts/1065 bytes][pktlen c2s avg(stddev)/entropy: 2.7(146.5)/160.9][pktlen s2c avg(stddev)/entropy: 2.9(96.8)/101.6][bytes ratio: 0.16][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b 
(INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1388 bytes <-> 10 pkts/1087 bytes][pktlen c2s avg(stddev)/entropy: 2.6(138.8)/162.8][pktlen s2c avg(stddev)/entropy: 2.7(108.7)/127.1][bytes ratio: 0.12][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][pktlen c2s avg(stddev)/entropy: 2.5(150.8)/167.8][pktlen s2c avg(stddev)/entropy: 3.0(68.3)/40.5][bytes ratio: 0.38][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 34 TCP 10.8.0.1:33554 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][pktlen c2s avg(stddev)/entropy: 2.5(150.8)/167.8][pktlen s2c avg(stddev)/entropy: 3.0(68.3)/40.5][bytes ratio: 0.38][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com][pktlen c2s avg(stddev)/entropy: 1.8(161.7)/194.2][pktlen s2c avg(stddev)/entropy: 1.7(136.8)/185.2][bytes ratio: 0.08][PLAIN TEXT (POST /j)] + 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes][pktlen c2s avg(stddev)/entropy: 2.2(182.9)/180.3][pktlen s2c avg(stddev)/entropy: 2.4(75.5)/48.1][bytes ratio: 0.48][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com][pktlen c2s avg(stddev)/entropy: 1.7(124.8)/131.8][pktlen s2c avg(stddev)/entropy: 
1.4(153.4)/198.8][bytes ratio: -0.10][PLAIN TEXT (POST /j)] + 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes][pktlen c2s avg(stddev)/entropy: 3.8(76.5)/14.4][pktlen s2c avg(stddev)/entropy: 1.0(50.0)/0.0][bytes ratio: 0.83] + 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][pktlen c2s avg(stddev)/entropy: 2.2(102.3)/81.4][pktlen s2c avg(stddev)/entropy: 2.2(79.8)/36.1][bytes ratio: 0.21][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][pktlen c2s avg(stddev)/entropy: 2.0(112.0)/86.0][pktlen s2c avg(stddev)/entropy: 1.7(86.2)/55.9][bytes ratio: 0.24][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/501 bytes <-> 4 pkts/216 bytes][pktlen c2s avg(stddev)/entropy: 2.8(71.6)/20.7][pktlen s2c avg(stddev)/entropy: 2.0(54.0)/0.0][bytes ratio: 0.40][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 44 TCP 10.8.0.1:41757 <-> 
114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 45 TCP 10.8.0.1:47135 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 46 TCP 10.8.0.1:51134 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 47 TCP 10.8.0.1:51135 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 48 TCP 10.8.0.1:51676 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][pktlen c2s avg(stddev)/entropy: 2.5(71.2)/22.4][pktlen s2c avg(stddev)/entropy: 2.3(54.0)/0.0][bytes ratio: 0.23][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 49 TCP 10.8.0.1:33511 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][4 pkts/452 bytes <-> 4 pkts/216 bytes][pktlen c2s avg(stddev)/entropy: 1.6(113.0)/91.0][pktlen s2c avg(stddev)/entropy: 2.0(54.0)/0.0][bytes ratio: 0.35][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333] + 50 TCP 10.8.0.1:51833 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][pktlen c2s avg(stddev)/entropy: 1.7(105.8)/78.5][pktlen s2c avg(stddev)/entropy: 2.0(54.0)/0.0][bytes ratio: 0.32][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] + 51 TCP 10.8.0.1:51839 <-> 
62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][pktlen c2s avg(stddev)/entropy: 1.7(105.8)/78.5][pktlen s2c avg(stddev)/entropy: 2.0(54.0)/0.0][bytes ratio: 0.32][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] + 52 TCP 10.8.0.1:41726 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/299 bytes <-> 4 pkts/216 bytes][pktlen c2s avg(stddev)/entropy: 1.9(74.8)/25.7][pktlen s2c avg(stddev)/entropy: 2.0(54.0)/0.0][bytes ratio: 0.16][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 53 TCP 10.8.0.1:51195 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][3 pkts/245 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.5(81.7)/26.3][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.39][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][3 pkts/209 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.6(69.7)/14.5][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.32] + 55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][2 pkts/128 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(64.0)/10.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.41] + 56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: -0.24] + 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: -0.24] diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out index 6eb1fbbc4..f3e3d7f2a 100644 --- a/tests/result/wechat.pcap.out +++ b/tests/result/wechat.pcap.out 
@@ -18,106 +18,106 @@ JA3 Host Stats: 1 192.168.1.103 3 - 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 64.197/TLS_No_Cert.WeChat][cat: SocialNetwork/6][88 pkts/15114 bytes <-> 91 pkts/61842 bytes][PLAIN TEXT (@WPDFg)] - 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 
699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 12 TCP 192.168.1.103:54094 
<-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][TLSv1.2][client: 
web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/TLS.QQ][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][TLSv1.2][client: res.wx.qq.com][JA3C: 550dce18de1bb143e69d6dd9413b8355][server: wx.qq.com][JA3S: 290adf098a54ade688d1df074dbecbf2 (WEAK)][organization: Shenzhen Tencent Computer Systems Company Limited][Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384] - 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/TLS.Google][cat: Web/5][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][TLSv1.2][client: safebrowsing.googleusercontent.com][JA3C: d551fafc4f40f1dec2bb45980bfa9492][server: *.googleusercontent.com][JA3S: 
d655f7cd00e93ea8969c3c6e06f0156f][organization: Google Inc][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] - 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Host: ssl.gstatic.com][PLAIN TEXT (ssl.gstatic.com)] - 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Collaborative/15][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Host: docs.google.com][PLAIN TEXT (docs.google.comr)] - 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 29 TCP 
192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][9 pkts/966 bytes <-> 6 pkts/3571 bytes][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)] - 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com][PLAIN TEXT (ssl.gstatic.com)] - 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)] - 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/2508 bytes -> 0 pkts/0 bytes][PLAIN TEXT (G@aRkU)] - 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)] - 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][cat: Web/5][10 pkts/660 bytes 
<-> 10 pkts/660 bytes] - 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)] - 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][13 pkts/866 bytes <-> 4 pkts/280 bytes] - 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes] - 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][3 pkts/802 bytes <-> 3 pkts/198 bytes] - 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMECEKEBENFHFAFEFIFKCACACACACA)] - 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes] - 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EHEJEPFGEBEOEOEJ)] - 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 4 pkts/280 bytes] - 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 4 pkts/280 bytes] - 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com] - 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] - 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] - 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] - 51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] - 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes] - 53 
TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][PLAIN TEXT (PLTbOhOof)] - 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes][PLAIN TEXT (lMRov.)] - 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 3 pkts/214 bytes] - 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 3 pkts/214 bytes] - 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes] - 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes] - 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/TLS][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes] - 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes] - 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes] - 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com][PLAIN TEXT (wechat)] - 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes] - 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][6 pkts/396 bytes -> 0 pkts/0 bytes] - 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com][PLAIN TEXT (safebrowsing)] - 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][3 pkts/206 bytes <-> 2 pkts/148 bytes] - 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 
18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (iPhonediMonica)] - 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] - 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] - 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Collaborative/15][1 pkts/75 bytes <-> 1 pkts/227 bytes][Host: docs.google.com][PLAIN TEXT (google)] - 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes] - 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes] - 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)] - 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)] - 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)] - 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] - 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 
1.debian.pool.ntp.org.lan][PLAIN TEXT (debian)] - 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org][PLAIN TEXT (debian)] - 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org][PLAIN TEXT (debian)] - 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)] - 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)] - 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)] - 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)] - 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes -> 0 pkts/0 bytes] - 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes] - 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 
102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes] - 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes] - 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] - 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] - 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] - 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)] - 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] - 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes] + 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 64.197/TLS_No_Cert.WeChat][cat: SocialNetwork/6][88 pkts/15114 bytes <-> 91 pkts/61842 bytes][pktlen c2s avg(stddev)/entropy: 4.7(171.8)/98.8][pktlen s2c avg(stddev)/entropy: 
4.3(679.6)/593.7][bytes ratio: -0.61][PLAIN TEXT (@WPDFg)] + 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][pktlen c2s avg(stddev)/entropy: 3.7(273.4)/407.2][pktlen s2c avg(stddev)/entropy: 4.8(1335.6)/922.0][bytes ratio: -0.62][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][pktlen c2s avg(stddev)/entropy: 4.5(479.2)/492.4][pktlen s2c avg(stddev)/entropy: 4.0(862.7)/921.8][bytes ratio: -0.25][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][pktlen c2s avg(stddev)/entropy: 3.8(235.1)/368.4][pktlen s2c avg(stddev)/entropy: 4.6(1003.2)/649.4][bytes ratio: -0.59][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][pktlen c2s avg(stddev)/entropy: 3.7(360.5)/450.4][pktlen s2c avg(stddev)/entropy: 4.4(946.2)/673.4][bytes ratio: -0.51][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][pktlen c2s avg(stddev)/entropy: 3.7(312.7)/423.4][pktlen s2c avg(stddev)/entropy: 3.8(951.5)/963.9][bytes ratio: -0.47][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][pktlen c2s avg(stddev)/entropy: 4.4(516.4)/494.4][pktlen s2c avg(stddev)/entropy: 3.7(486.9)/579.4][bytes ratio: 0.18][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][pktlen c2s avg(stddev)/entropy: 3.5(372.7)/453.9][pktlen s2c avg(stddev)/entropy: 3.3(938.0)/1304.2][bytes ratio: -0.41][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][pktlen c2s avg(stddev)/entropy: 3.5(372.6)/453.8][pktlen s2c avg(stddev)/entropy: 2.7(994.3)/1870.8][bytes ratio: -0.39][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 
10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][pktlen c2s avg(stddev)/entropy: 4.1(605.0)/586.5][pktlen s2c avg(stddev)/entropy: 3.3(346.1)/471.8][bytes ratio: 0.43][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][pktlen c2s avg(stddev)/entropy: 3.9(482.5)/480.2][pktlen s2c avg(stddev)/entropy: 3.3(417.5)/530.0][bytes ratio: 0.21][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][pktlen c2s avg(stddev)/entropy: 3.7(463.3)/478.0][pktlen s2c avg(stddev)/entropy: 3.2(459.0)/578.6][bytes ratio: 0.10][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][pktlen c2s avg(stddev)/entropy: 2.7(178.2)/289.6][pktlen s2c avg(stddev)/entropy: 3.3(1048.3)/878.3][bytes ratio: -0.74][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 14 TCP 192.168.1.103:54098 <-> 
203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][pktlen c2s avg(stddev)/entropy: 3.6(386.7)/451.5][pktlen s2c avg(stddev)/entropy: 2.9(410.9)/550.6][bytes ratio: 0.13][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][pktlen c2s avg(stddev)/entropy: 3.5(419.9)/461.7][pktlen s2c avg(stddev)/entropy: 3.1(410.4)/506.9][bytes ratio: 0.12][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][pktlen c2s avg(stddev)/entropy: 3.1(430.0)/463.0][pktlen s2c avg(stddev)/entropy: 2.5(460.7)/553.0][bytes ratio: 0.12][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][pktlen c2s avg(stddev)/entropy: 3.1(429.2)/462.8][pktlen s2c avg(stddev)/entropy: 2.5(460.7)/553.0][bytes ratio: 0.12][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 
91.197/TLS.WeChat][cat: SocialNetwork/6][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][pktlen c2s avg(stddev)/entropy: 3.0(308.5)/406.0][pktlen s2c avg(stddev)/entropy: 2.4(492.1)/692.3][bytes ratio: -0.12][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][pktlen c2s avg(stddev)/entropy: 2.9(330.4)/415.8][pktlen s2c avg(stddev)/entropy: 2.6(427.9)/540.7][bytes ratio: -0.05][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][pktlen c2s avg(stddev)/entropy: 2.8(376.3)/434.4][pktlen s2c avg(stddev)/entropy: 2.3(500.4)/627.5][bytes ratio: -0.05][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/TLS.QQ][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][pktlen c2s avg(stddev)/entropy: 2.8(167.1)/197.3][pktlen s2c avg(stddev)/entropy: 2.1(565.6)/986.9][bytes ratio: -0.54][TLSv1.2][client: res.wx.qq.com][JA3C: 550dce18de1bb143e69d6dd9413b8355][server: wx.qq.com][JA3S: 290adf098a54ade688d1df074dbecbf2 (WEAK)][organization: Shenzhen Tencent Computer Systems Company Limited][Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384] + 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/TLS.Google][cat: Web/5][17 
pkts/2413 bytes <-> 17 pkts/6268 bytes][pktlen c2s avg(stddev)/entropy: 3.4(141.9)/195.7][pktlen s2c avg(stddev)/entropy: 3.0(368.7)/525.4][bytes ratio: -0.44][TLSv1.2][client: safebrowsing.googleusercontent.com][JA3C: d551fafc4f40f1dec2bb45980bfa9492][server: *.googleusercontent.com][JA3S: d655f7cd00e93ea8969c3c6e06f0156f][organization: Google Inc][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] + 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Host: ssl.gstatic.com][pktlen c2s avg(stddev)/entropy: 1.9(501.0)/573.8][pktlen s2c avg(stddev)/entropy: 1.7(554.8)/598.8][bytes ratio: 0.03][PLAIN TEXT (ssl.gstatic.com)] + 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Collaborative/15][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Host: docs.google.com][pktlen c2s avg(stddev)/entropy: 1.6(447.8)/532.3][pktlen s2c avg(stddev)/entropy: 1.7(303.6)/455.1][bytes ratio: 0.12][PLAIN TEXT (docs.google.comr)] + 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][pktlen c2s avg(stddev)/entropy: 3.0(103.2)/76.6][pktlen s2c avg(stddev)/entropy: 1.7(463.9)/673.1][bytes ratio: -0.56][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][pktlen c2s avg(stddev)/entropy: 3.0(103.2)/76.6][pktlen s2c avg(stddev)/entropy: 1.7(463.9)/673.1][bytes ratio: -0.56][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: 
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][pktlen c2s avg(stddev)/entropy: 3.0(103.2)/76.6][pktlen s2c avg(stddev)/entropy: 1.9(462.9)/600.9][bytes ratio: -0.56][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][pktlen c2s avg(stddev)/entropy: 3.0(103.2)/76.6][pktlen s2c avg(stddev)/entropy: 1.9(519.6)/622.0][bytes ratio: -0.56][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][pktlen c2s avg(stddev)/entropy: 3.0(103.2)/76.6][pktlen s2c avg(stddev)/entropy: 1.9(519.6)/622.0][bytes ratio: -0.56][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][pktlen c2s avg(stddev)/entropy: 3.0(103.2)/76.6][pktlen s2c avg(stddev)/entropy: 1.9(519.6)/622.0][bytes ratio: -0.56][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 31 TCP 
192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][9 pkts/966 bytes <-> 6 pkts/3571 bytes][pktlen c2s avg(stddev)/entropy: 2.9(107.3)/79.7][pktlen s2c avg(stddev)/entropy: 1.5(595.2)/731.6][bytes ratio: -0.57][TLSv1.2][client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][organization: Tencent Mobility Limited][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 5.0(102.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (googlecast)] + 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com][pktlen c2s avg(stddev)/entropy: 1.4(407.0)/507.8][pktlen s2c avg(stddev)/entropy: 1.3(387.4)/512.0][bytes ratio: 0.02][PLAIN TEXT (ssl.gstatic.com)] + 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 5.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (googlecast)] + 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/2508 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(1254.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (G@aRkU)] + 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.8(102.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (googlecast)] + 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][cat: Web/5][10 pkts/660 bytes <-> 10 pkts/660 bytes][pktlen c2s 
avg(stddev)/entropy: 3.3(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 3.3(66.0)/0.0][bytes ratio: 0.00] + 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.8(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (googlecast)] + 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][13 pkts/866 bytes <-> 4 pkts/280 bytes][pktlen c2s avg(stddev)/entropy: 3.7(66.6)/2.1][pktlen s2c avg(stddev)/entropy: 2.0(70.0)/4.0][bytes ratio: 0.51] + 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.3(359.3)/207.4][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][3 pkts/802 bytes <-> 3 pkts/198 bytes][pktlen c2s avg(stddev)/entropy: 0.8(267.3)/284.7][pktlen s2c avg(stddev)/entropy: 1.6(66.0)/0.0][bytes ratio: 0.60] + 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(92.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EMECEKEBENFHFAFEFIFKCACACACACA)] + 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.9(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(250.3)/5.2][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( EHEJEPFGEBEOEOEJ)] + 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes 
<-> 4 pkts/280 bytes][pktlen c2s avg(stddev)/entropy: 2.3(67.6)/3.2][pktlen s2c avg(stddev)/entropy: 2.0(70.0)/4.0][bytes ratio: 0.09] + 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 4 pkts/280 bytes][pktlen c2s avg(stddev)/entropy: 2.3(67.6)/3.2][pktlen s2c avg(stddev)/entropy: 2.0(70.0)/4.0][bytes ratio: 0.09] + 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(537.0)/0.0][bytes ratio: -0.76] + 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.2(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN 
TEXT (PLTbOhOof)] + 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes][pktlen c2s avg(stddev)/entropy: 2.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.9(79.8)/23.8][bytes ratio: -0.09][PLAIN TEXT (lMRov.)] + 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 3 pkts/214 bytes][pktlen c2s avg(stddev)/entropy: 2.3(67.6)/3.2][pktlen s2c avg(stddev)/entropy: 1.6(71.3)/3.8][bytes ratio: 0.22] + 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][5 pkts/338 bytes <-> 3 pkts/214 bytes][pktlen c2s avg(stddev)/entropy: 2.3(67.6)/3.2][pktlen s2c avg(stddev)/entropy: 1.6(71.3)/3.8][bytes ratio: 0.22] + 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/TLS][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes][pktlen c2s avg(stddev)/entropy: 2.3(58.0)/8.0][pktlen s2c avg(stddev)/entropy: 2.0(58.5)/5.0][bytes ratio: 0.11] + 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes][pktlen c2s avg(stddev)/entropy: 1.6(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.9(79.8)/23.8][bytes ratio: -0.23] + 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes][pktlen c2s avg(stddev)/entropy: 2.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.0(63.2)/12.8][bytes ratio: -0.08] + 62 UDP 192.168.1.103:60356 <-> 
192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(391.0)/0.0][bytes ratio: -0.68][PLAIN TEXT (wechat)] + 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes][pktlen c2s avg(stddev)/entropy: 1.6(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.6(66.0)/0.0][bytes ratio: 0.00] + 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][6 pkts/396 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com][pktlen c2s avg(stddev)/entropy: 0.0(94.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(272.0)/0.0][bytes ratio: -0.49][PLAIN TEXT (safebrowsing)] + 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][3 pkts/206 bytes <-> 2 pkts/148 bytes][pktlen c2s avg(stddev)/entropy: 1.6(68.7)/3.8][pktlen s2c avg(stddev)/entropy: 1.0(74.0)/0.0][bytes ratio: 0.16] + 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica][pktlen c2s avg(stddev)/entropy: 0.0(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (iPhonediMonica)] + 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(234.0)/0.0][bytes ratio: -0.51][PLAIN TEXT (gstatic)] + 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: 
Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(234.0)/0.0][bytes ratio: -0.51][PLAIN TEXT (gstatic)] + 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Collaborative/15][1 pkts/75 bytes <-> 1 pkts/227 bytes][Host: docs.google.com][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(227.0)/0.0][bytes ratio: -0.50][PLAIN TEXT (google)] + 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(54.0)/0.0][bytes ratio: 0.00] + 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(50.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][pktlen c2s avg(stddev)/entropy: 1.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (lbjamwptx)] + 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq][pktlen c2s avg(stddev)/entropy: 1.0(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN 
TEXT (cansaqcq)] + 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][pktlen c2s avg(stddev)/entropy: 1.0(88.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (mcztmpkc)] + 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][pktlen c2s avg(stddev)/entropy: 1.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan][pktlen c2s avg(stddev)/entropy: 1.0(85.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (debian)] + 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][pktlen c2s avg(stddev)/entropy: 1.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][pktlen c2s avg(stddev)/entropy: 1.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org][pktlen c2s avg(stddev)/entropy: 1.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (debian)] + 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org][pktlen c2s avg(stddev)/entropy: 1.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 
1.00][PLAIN TEXT (debian)] + 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][pktlen c2s avg(stddev)/entropy: 1.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (gstatic)] + 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][pktlen c2s avg(stddev)/entropy: 1.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (lbjamwptx)] + 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (cansaqcq)] + 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][pktlen c2s avg(stddev)/entropy: 1.0(68.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (mcztmpkc)] + 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/132 bytes -> 0 
pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/4.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(110.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(90.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 
5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][pktlen c2s avg(stddev)/entropy: 0.0(82.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (webpush)] + 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (gstatic)] + 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (gstatic)] + 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out index 6d3d81316..e31596298 100644 --- a/tests/result/weibo.pcap.out +++ b/tests/result/weibo.pcap.out 
@@ -10,47 +10,47 @@ JA3 Host Stats: 1 192.168.1.105 1 - 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn][PLAIN TEXT (GET /t6/style/css/module/base/f)] - 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Host: img.t.sinajs.cn][PLAIN TEXT (GET /t6/style/css/module/combin)] - 3 TCP 192.168.1.105:51698 <-> 93.188.134.137:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][40 pkts/3462 bytes <-> 39 pkts/34030 bytes][Host: www.weibo.com][PLAIN TEXT (GET /login.php)] - 4 TCP 192.168.1.105:35807 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][27 pkts/2298 bytes <-> 26 pkts/34170 bytes][Host: img.t.sinajs.cn][PLAIN TEXT (GET /t6/style/images/growth/log)] - 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Host: img.t.sinajs.cn][PLAIN TEXT (GET /t6/skin/default/skin.css)] - 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Host: img.t.sinajs.cn][PLAIN TEXT (GET /t6/style/images/common/fon)] - 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Host: img.t.sinajs.cn][PLAIN TEXT (GET /t6/style/images/global)] - 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes] - 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes] - 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com][PLAIN TEXT (GET /login.php)] - 11 TCP 192.168.1.105:35811 
<-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn][PLAIN TEXT (KGET /t)] - 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn][PLAIN TEXT (GET /public/files/image/620)] - 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][3 pkts/382 bytes <-> 1 pkts/66 bytes][TLSv1][client: g.alicdn.com][JA3C: 58e7f64db6e4fe4941dd9691d421196c][PLAIN TEXT (g.alicdn.com)] - 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/75 bytes <-> 1 pkts/191 bytes][Host: img.t.sinajs.cn] - 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/190 bytes][Host: js.t.sinajs.cn] - 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Host: g.alicdn.com][PLAIN TEXT (alicdn)] - 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Host: login.taobao.com][PLAIN TEXT (taobao)] - 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Host: u1.img.mobile.sina.cn][PLAIN TEXT (mobile)] - 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Host: acjstb.aliyun.com][PLAIN TEXT (alibabadns)] - 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Host: www.weibo.com] - 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes] - 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 23 TCP 
192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/112 bytes][Host: log.mmstat.com][PLAIN TEXT (mmstat)] - 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: weibo.com] - 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com][PLAIN TEXT (account)] - 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 
pkts/74 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com] - 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] + 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 4.4(103.2)/116.5][pktlen s2c avg(stddev)/entropy: 4.8(1324.7)/822.8][bytes ratio: -0.86][PLAIN TEXT (GET /t6/style/css/module/base/f)] + 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 4.4(113.2)/132.2][pktlen s2c avg(stddev)/entropy: 4.8(1266.4)/620.2][bytes ratio: -0.87][PLAIN TEXT (GET /t6/style/css/module/combin)] + 3 TCP 192.168.1.105:51698 <-> 93.188.134.137:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][40 pkts/3462 bytes <-> 39 pkts/34030 bytes][Host: www.weibo.com][pktlen c2s avg(stddev)/entropy: 5.0(86.6)/69.2][pktlen s2c avg(stddev)/entropy: 4.2(872.6)/915.2][bytes ratio: -0.82][PLAIN TEXT (GET /login.php)] + 4 TCP 192.168.1.105:35807 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][27 pkts/2298 bytes <-> 26 pkts/34170 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 
4.4(85.1)/91.2][pktlen s2c avg(stddev)/entropy: 4.6(1314.2)/448.1][bytes ratio: -0.87][PLAIN TEXT (GET /t6/style/images/growth/log)] + 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 3.8(110.6)/126.8][pktlen s2c avg(stddev)/entropy: 4.0(1046.1)/556.9][bytes ratio: -0.80][PLAIN TEXT (GET /t6/skin/default/skin.css)] + 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 3.7(93.4)/108.1][pktlen s2c avg(stddev)/entropy: 3.9(1216.5)/525.5][bytes ratio: -0.85][PLAIN TEXT (GET /t6/style/images/common/fon)] + 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 2.1(135.1)/161.3][pktlen s2c avg(stddev)/entropy: 2.1(625.8)/505.1][bytes ratio: -0.60][PLAIN TEXT (GET /t6/style/images/global)] + 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes][pktlen c2s avg(stddev)/entropy: 2.6(162.6)/122.4][pktlen s2c avg(stddev)/entropy: 2.2(145.5)/129.3][bytes ratio: 0.20] + 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes][pktlen c2s avg(stddev)/entropy: 2.2(192.6)/93.4][pktlen s2c avg(stddev)/entropy: 1.4(245.2)/241.0][bytes ratio: -0.01] + 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com][pktlen c2s avg(stddev)/entropy: 1.5(147.2)/176.6][pktlen s2c avg(stddev)/entropy: 1.0(215.8)/273.3][bytes ratio: -0.08][PLAIN TEXT (GET /login.php)] + 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 
7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 1.0(201.3)/185.8][pktlen s2c avg(stddev)/entropy: 1.0(70.0)/4.0][bytes ratio: 0.62][PLAIN TEXT (KGET /t)] + 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn][pktlen c2s avg(stddev)/entropy: 0.9(203.3)/197.2][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.80][PLAIN TEXT (GET /public/files/image/620)] + 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][3 pkts/382 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.2(127.3)/89.9][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.71][TLSv1][client: g.alicdn.com][JA3C: 58e7f64db6e4fe4941dd9691d421196c][PLAIN TEXT (g.alicdn.com)] + 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/75 bytes <-> 1 pkts/191 bytes][Host: img.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 0.0(75.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(191.0)/0.0][bytes ratio: -0.44] + 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/190 bytes][Host: js.t.sinajs.cn][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(190.0)/0.0][bytes ratio: -0.44] + 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Host: g.alicdn.com][pktlen c2s avg(stddev)/entropy: 0.0(72.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(171.0)/0.0][bytes ratio: -0.41][PLAIN TEXT (alicdn)] + 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Host: login.taobao.com][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(166.0)/0.0][bytes ratio: -0.37][PLAIN TEXT 
(taobao)] + 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Host: u1.img.mobile.sina.cn][pktlen c2s avg(stddev)/entropy: 0.0(81.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(159.0)/0.0][bytes ratio: -0.32][PLAIN TEXT (mobile)] + 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Host: acjstb.aliyun.com][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(157.0)/0.0][bytes ratio: -0.34][PLAIN TEXT (alibabadns)] + 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Host: www.weibo.com][pktlen c2s avg(stddev)/entropy: 0.0(73.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(142.0)/0.0][bytes ratio: -0.32] + 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][pktlen c2s avg(stddev)/entropy: 1.0(70.0)/4.0][pktlen s2c avg(stddev)/entropy: 0.0(74.0)/0.0][bytes ratio: 0.31] + 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(64.0)/10.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.32] + 23 TCP 192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(64.0)/10.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.32] + 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(64.0)/10.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.32] + 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/112 bytes][Host: log.mmstat.com][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(112.0)/0.0][bytes ratio: -0.20][PLAIN TEXT (mmstat)] + 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: weibo.com][pktlen c2s avg(stddev)/entropy: 0.0(69.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(85.0)/0.0][bytes ratio: -0.10] + 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 0.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.00] + 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com][pktlen c2s avg(stddev)/entropy: 0.0(77.0)/0.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (account)] + 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][pktlen c2s 
avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com][pktlen c2s avg(stddev)/entropy: 0.0(74.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn][pktlen c2s avg(stddev)/entropy: 0.0(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index ddddd743b..04c5c85b7 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out 
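Review bot: The expected values recorded in this weibo.pcap.out hunk do not match their labels. In flow 1 the parenthesised "stddev" for c2s is 103.2, which is exactly 5367 bytes / 52 pkts, so the average is being printed in the stddev slot. Presumably the entropy is in the "avg" slot and the stddev in the "entropy" slot as well. This suggests the fprintf arguments are passed in entropy, average, stddev order; they should follow the format string, e.g. `ndpi_data_average(flow->pktlen_c_to_s), ndpi_data_stddev(flow->pktlen_c_to_s), ndpi_data_entropy(flow->pktlen_c_to_s)`, and likewise for s2c. Flows 33-44 also record `(nan)` for the direction with 0 packets, which looks like a division by zero samples; return 0 for an empty series, or skip the field, before these files are committed as the reference output. Anything that consumes these per-flow features for traffic classification or anomaly detection would otherwise inherit swapped columns and NaN values. The same pattern appears in the other tests/result hunks on this page.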
@@ -17,60 +17,60 @@ JA3 Host Stats: 1 192.168.2.4 1 - 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes][PLAIN TEXT (zTdFPOk)] - 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes] - 3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat/9][100 pkts/14711 bytes <-> 80 pkts/10163 bytes][PLAIN TEXT (iPhone)] - 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][TLSv1.2][client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/TLS.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][TLSv1.2][client: query.ess.apple.com][JA3C: 799135475da362592a4be9199d258726][server: *.ess.apple.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][organization: Apple Inc.][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][TLSv1.2][client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes][PLAIN TEXT (yfV.nY)] - 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 87/RTP][cat: Media/1][12 pkts/2341 bytes <-> 12 pkts/2484 bytes] - 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] - 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 87/RTP][cat: Media/1][9 pkts/1842 bytes <-> 
11 pkts/1151 bytes] - 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes] - 13 UDP 192.168.2.4:51518 -> 1.194.90.191:60312 [proto: 78/STUN][cat: Network/14][15 pkts/1290 bytes -> 0 pkts/0 bytes] - 14 UDP 192.168.2.4:52794 -> 1.194.90.191:51727 [proto: 78/STUN][cat: Network/14][12 pkts/1032 bytes -> 0 pkts/0 bytes] - 15 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 17 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 18 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 19 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 20 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 21 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 22 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 23 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 24 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 25 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 
2 pkts/172 bytes][PLAIN TEXT (ay.OF@)] - 26 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 27 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 28 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 29 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 30 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/TLS][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes] - 31 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes] - 32 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com][PLAIN TEXT (akadns)] - 33 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e13.whatsapp.net][PLAIN TEXT (whatsapp)] - 34 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][3 pkts/258 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] - 35 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] - 36 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] - 37 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] - 38 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 40 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes 
<-> 1 pkts/66 bytes] - 41 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 42 TCP 192.168.2.4:49203 <-> 17.178.104.14:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 43 TCP 192.168.2.4:49163 <-> 17.154.66.111:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 44 TCP 192.168.2.4:49164 <-> 17.167.142.31:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 45 TCP 192.168.2.4:49165 <-> 17.172.100.55:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 46 TCP 192.168.2.4:49166 <-> 17.154.66.121:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 47 TCP 192.168.2.4:49167 <-> 17.172.100.8:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 48 TCP 192.168.2.4:49169 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 49 TCP 192.168.2.4:49175 <-> 17.172.100.53:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 50 TCP 192.168.2.4:49176 <-> 17.130.137.77:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 51 TCP 192.168.2.4:49180 <-> 17.172.100.59:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 52 TCP 192.168.2.4:49181 <-> 17.172.100.37:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 53 TCP 192.168.2.4:49182 <-> 17.172.100.52:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 54 TCP 192.168.2.4:49191 <-> 17.172.100.49:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 55 TCP 192.168.2.4:49197 <-> 17.167.142.39:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 56 TCP 192.168.2.4:49198 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 
pkts/54 bytes] - 57 TCP 192.168.2.4:49200 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes][pktlen c2s avg(stddev)/entropy: 5.0(145.3)/100.0][pktlen s2c avg(stddev)/entropy: 4.9(93.1)/64.5][bytes ratio: 0.02][PLAIN TEXT (zTdFPOk)] + 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes][pktlen c2s avg(stddev)/entropy: 5.0(124.3)/75.0][pktlen s2c avg(stddev)/entropy: 4.8(226.1)/128.5][bytes ratio: 0.15] + 3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat/9][100 pkts/14711 bytes <-> 80 pkts/10163 bytes][pktlen c2s avg(stddev)/entropy: 4.5(147.1)/238.5][pktlen s2c avg(stddev)/entropy: 4.9(127.0)/99.0][bytes ratio: 0.18][PLAIN TEXT (iPhone)] + 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][pktlen c2s avg(stddev)/entropy: 3.9(405.9)/488.5][pktlen s2c avg(stddev)/entropy: 3.6(275.5)/347.9][bytes ratio: 0.28][TLSv1.2][client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/TLS.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][pktlen c2s avg(stddev)/entropy: 3.1(364.0)/552.5][pktlen s2c avg(stddev)/entropy: 3.1(563.3)/634.4][bytes ratio: -0.11][TLSv1.2][client: query.ess.apple.com][JA3C: 799135475da362592a4be9199d258726][server: *.ess.apple.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][organization: Apple Inc.][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][pktlen c2s avg(stddev)/entropy: 
3.1(362.7)/464.1][pktlen s2c avg(stddev)/entropy: 2.9(235.9)/321.5][bytes ratio: 0.27][TLSv1.2][client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes][pktlen c2s avg(stddev)/entropy: 2.7(430.2)/466.8][pktlen s2c avg(stddev)/entropy: 3.1(108.5)/82.6][bytes ratio: 0.60][PLAIN TEXT (yfV.nY)] + 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 87/RTP][cat: Media/1][12 pkts/2341 bytes <-> 12 pkts/2484 bytes][pktlen c2s avg(stddev)/entropy: 3.4(195.1)/97.6][pktlen s2c avg(stddev)/entropy: 3.4(207.0)/107.5][bytes ratio: -0.03] + 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac][pktlen c2s avg(stddev)/entropy: 3.3(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] + 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 87/RTP][cat: Media/1][9 pkts/1842 bytes <-> 11 pkts/1151 bytes][pktlen c2s avg(stddev)/entropy: 3.0(204.7)/81.8][pktlen s2c avg(stddev)/entropy: 3.4(104.6)/22.8][bytes ratio: 0.23] + 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.0(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 3375359593)] + 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes][pktlen c2s avg(stddev)/entropy: 3.0(125.6)/68.4][pktlen s2c avg(stddev)/entropy: 2.9(108.5)/42.5][bytes ratio: 0.13] + 13 UDP 192.168.2.4:51518 -> 1.194.90.191:60312 [proto: 78/STUN][cat: Network/14][15 pkts/1290 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.9(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 
0.0(nan)/0.0][bytes ratio: 1.00] + 14 UDP 192.168.2.4:52794 -> 1.194.90.191:51727 [proto: 78/STUN][cat: Network/14][12 pkts/1032 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.6(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 15 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 3.3(70.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 16 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 17 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 18 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 19 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 20 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 21 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 22 
UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 23 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 24 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 25 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49][PLAIN TEXT (ay.OF@)] + 26 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 27 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 28 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 29 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 
1.0(86.0)/0.0][bytes ratio: 0.49] + 30 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/TLS][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes][pktlen c2s avg(stddev)/entropy: 1.6(58.0)/5.7][pktlen s2c avg(stddev)/entropy: 0.9(108.5)/42.5][bytes ratio: -0.11] + 31 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes][pktlen c2s avg(stddev)/entropy: 1.6(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(66.0)/0.0][bytes ratio: 0.20] + 32 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com][pktlen c2s avg(stddev)/entropy: 0.0(79.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(251.0)/0.0][bytes ratio: -0.52][PLAIN TEXT (akadns)] + 33 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e13.whatsapp.net][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(204.0)/0.0][bytes ratio: -0.46][PLAIN TEXT (whatsapp)] + 34 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][3 pkts/258 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.6(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SpotUdp)] + 35 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(129.0)/33.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 36 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(129.0)/33.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 37 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.9(109.0)/33.0][pktlen s2c 
avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 38 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.9(109.0)/33.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 39 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 40 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 41 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 42 TCP 192.168.2.4:49203 <-> 17.178.104.14:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][pktlen c2s avg(stddev)/entropy: 1.0(66.0)/12.0][pktlen s2c avg(stddev)/entropy: 0.0(66.0)/0.0][bytes ratio: 0.33] + 43 TCP 192.168.2.4:49163 <-> 17.154.66.111:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 44 TCP 192.168.2.4:49164 <-> 17.167.142.31:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 45 TCP 192.168.2.4:49165 <-> 17.172.100.55:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 46 TCP 192.168.2.4:49166 <-> 17.154.66.121:443 [proto: 91.140/TLS.Apple][cat: 
Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 47 TCP 192.168.2.4:49167 <-> 17.172.100.8:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 48 TCP 192.168.2.4:49169 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 49 TCP 192.168.2.4:49175 <-> 17.172.100.53:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 50 TCP 192.168.2.4:49176 <-> 17.130.137.77:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 51 TCP 192.168.2.4:49180 <-> 17.172.100.59:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 52 TCP 192.168.2.4:49181 <-> 17.172.100.37:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 53 TCP 192.168.2.4:49182 <-> 17.172.100.52:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 54 TCP 192.168.2.4:49191 <-> 17.172.100.49:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 
1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 55 TCP 192.168.2.4:49197 <-> 17.167.142.39:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 56 TCP 192.168.2.4:49198 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] + 57 TCP 192.168.2.4:49200 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][pktlen c2s avg(stddev)/entropy: 1.0(54.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(54.0)/0.0][bytes ratio: 0.33] diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index 240356883..b3be76f77 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out 
@@ -6,12 +6,12 @@ WhatsApp 32 3243 2 Spotify 1 86 1 ApplePush 6 2095 1 - 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes] - 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes][PLAIN TEXT (iPhone)] - 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes] - 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] - 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net][PLAIN TEXT (whatsapp)] - 7 UDP [fe80::189c:c31b:1298:224]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/111 bytes -> 0 pkts/0 bytes][PLAIN TEXT (airplay)] - 8 UDP 192.168.2.4:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][PLAIN TEXT (airplay)] - 9 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][1 pkts/86 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] + 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes][pktlen c2s avg(stddev)/entropy: 4.0(629.9)/544.4][pktlen s2c avg(stddev)/entropy: 3.4(312.7)/369.6][bytes ratio: 0.41] + 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes][pktlen c2s avg(stddev)/entropy: 3.8(105.5)/67.5][pktlen s2c avg(stddev)/entropy: 3.7(89.9)/22.2][bytes ratio: 0.21][PLAIN TEXT (iPhone)] + 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 
pkts/2095 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 2.6(349.2)/57.8][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00] + 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac][pktlen c2s avg(stddev)/entropy: 2.6(342.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] + 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 1.0(544.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT ( 3375359593)] + 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net][pktlen c2s avg(stddev)/entropy: 0.0(76.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(204.0)/0.0][bytes ratio: -0.46][PLAIN TEXT (whatsapp)] + 7 UDP [fe80::189c:c31b:1298:224]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/111 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(111.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (airplay)] + 8 UDP 192.168.2.4:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(91.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (airplay)] + 9 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][1 pkts/86 bytes -> 0 pkts/0 bytes][pktlen c2s avg(stddev)/entropy: 0.0(86.0)/0.0][pktlen s2c avg(stddev)/entropy: 0.0(nan)/0.0][bytes ratio: 1.00][PLAIN TEXT (SpotUdp)] diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index b9fb1b209..50a323176 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out 
+++ b/tests/result/whatsapp_voice_and_message.pcap.out 
@@ -1,16 +1,16 @@ WhatsApp 217 22139 5 WhatsAppVoice 44 5916 8 - 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes][PLAIN TEXT (Android)] - 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes][PLAIN TEXT (Android)] - 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes][PLAIN TEXT (Android)] - 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes][PLAIN TEXT (Android)] - 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes][PLAIN TEXT (Android)] - 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes] - 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes][pktlen c2s 
avg(stddev)/entropy: 4.7(84.6)/55.4][pktlen s2c avg(stddev)/entropy: 4.6(95.9)/94.3][bytes ratio: -0.09][PLAIN TEXT (Android)] + 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes][pktlen c2s avg(stddev)/entropy: 4.1(126.2)/124.1][pktlen s2c avg(stddev)/entropy: 4.0(89.1)/91.7][bytes ratio: 0.21][PLAIN TEXT (Android)] + 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes][pktlen c2s avg(stddev)/entropy: 3.2(179.3)/202.7][pktlen s2c avg(stddev)/entropy: 2.8(134.6)/240.7][bytes ratio: 0.14][PLAIN TEXT (Android)] + 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes][pktlen c2s avg(stddev)/entropy: 4.5(88.9)/58.4][pktlen s2c avg(stddev)/entropy: 4.4(88.5)/60.8][bytes ratio: 0.00][PLAIN TEXT (Android)] + 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes][pktlen c2s avg(stddev)/entropy: 3.6(80.2)/43.9][pktlen s2c avg(stddev)/entropy: 3.4(84.4)/62.4][bytes ratio: 0.01][PLAIN TEXT (Android)] + 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes][pktlen c2s avg(stddev)/entropy: 2.3(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 2.0(86.0)/0.0][bytes ratio: 0.42] + 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: 
VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] + 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][pktlen c2s avg(stddev)/entropy: 1.6(168.0)/0.0][pktlen s2c avg(stddev)/entropy: 1.0(86.0)/0.0][bytes ratio: 0.49] diff --git a/tests/result/whatsappfiles.pcap.out b/tests/result/whatsappfiles.pcap.out index dd7fca63a..4fdfc4093 100644 --- a/tests/result/whatsappfiles.pcap.out +++ b/tests/result/whatsappfiles.pcap.out 
@@ -5,5 +5,5 @@ JA3 Host Stats: 1 192.168.2.29 2 - 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes][TLSv1.2][client: mmg-fna.whatsapp.net][JA3C: 4e1a414c4f4c99097edd2a9a98e336c8][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes][TLSv1.2][client: mmg-fna.whatsapp.net][JA3C: 107144b88827da5da9ed42d8776ccdc5][server: *.whatsapp.net][JA3S: 2d1eb5817ece335c24904f516ad5da12][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes][pktlen c2s avg(stddev)/entropy: 4.9(75.0)/51.0][pktlen s2c avg(stddev)/entropy: 4.8(1333.7)/391.7][bytes ratio: -0.92][TLSv1.2][client: mmg-fna.whatsapp.net][JA3C: 4e1a414c4f4c99097edd2a9a98e336c8][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes][pktlen c2s avg(stddev)/entropy: 4.4(1175.1)/540.1][pktlen s2c avg(stddev)/entropy: 4.9(105.6)/167.3][bytes ratio: 0.85][TLSv1.2][client: mmg-fna.whatsapp.net][JA3C: 107144b88827da5da9ed42d8776ccdc5][server: *.whatsapp.net][JA3S: 2d1eb5817ece335c24904f516ad5da12][organization: Facebook, Inc.][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/wireguard.pcap.out b/tests/result/wireguard.pcap.out index 5b0d7dba4..8d859a1a0 100644 --- a/tests/result/wireguard.pcap.out +++ b/tests/result/wireguard.pcap.out 
@@ -1,3 +1,3 @@ WireGuard 2399 734182 1 - 1 UDP 139.162.192.157:51820 <-> 192.168.0.14:36116 [proto: 206/WireGuard][cat: VPN/2][1362 pkts/518526 bytes <-> 1037 pkts/215656 bytes][PLAIN TEXT (RJxM17)] + 1 UDP 139.162.192.157:51820 <-> 192.168.0.14:36116 [proto: 206/WireGuard][cat: VPN/2][1362 pkts/518526 bytes <-> 1037 pkts/215656 bytes][pktlen c2s avg(stddev)/entropy: 4.7(380.7)/361.7][pktlen s2c avg(stddev)/entropy: 5.0(208.0)/134.8][bytes ratio: 0.41][PLAIN TEXT (RJxM17)] diff --git a/tests/result/youtube_quic.pcap.out b/tests/result/youtube_quic.pcap.out index 896ec30a1..47964bcbe 100644 --- a/tests/result/youtube_quic.pcap.out +++ b/tests/result/youtube_quic.pcap.out 
@@ -1,6 +1,6 @@ YouTube 258 178495 1 Google 31 13144 2 - 1 UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)] - 2 UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Host: googleads.g.doubleclick.net][PLAIN TEXT (googleads.g.doubleclick.net)] - 3 UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Host: pagead2.googlesyndication.com][PLAIN TEXT (pagead2.googlesyndication.com)] + 1 UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Host: yt3.ggpht.com][pktlen c2s avg(stddev)/entropy: 4.9(142.6)/176.1][pktlen s2c avg(stddev)/entropy: 4.7(1119.9)/437.4][bytes ratio: -0.82][PLAIN TEXT (yt3.ggpht.com)] + 2 UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Host: googleads.g.doubleclick.net][pktlen c2s avg(stddev)/entropy: 2.3(436.6)/523.6][pktlen s2c avg(stddev)/entropy: 2.4(526.2)/546.1][bytes ratio: -0.09][PLAIN TEXT (googleads.g.doubleclick.net)] + 3 UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Host: pagead2.googlesyndication.com][pktlen c2s avg(stddev)/entropy: 1.8(330.3)/449.0][pktlen s2c avg(stddev)/entropy: 1.6(361.2)/478.5][bytes ratio: 0.03][PLAIN TEXT (pagead2.googlesyndication.com)] diff --git a/tests/result/youtubeupload.pcap.out b/tests/result/youtubeupload.pcap.out index db8d12514..6e8fbebe1 100644 --- a/tests/result/youtubeupload.pcap.out +++ b/tests/result/youtubeupload.pcap.out 
@@ -5,6 +5,6 @@ JA3 Host Stats: 1 192.168.2.27 1 - 1 UDP 192.168.2.27:51925 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][80 pkts/100473 bytes <-> 20 pkts/6003 bytes][Host: upload.youtube.com][PLAIN TEXT (upload.youtube.comQ)] - 2 UDP 192.168.2.27:62232 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][13 pkts/8651 bytes <-> 11 pkts/6463 bytes][Host: upload.youtube.com][PLAIN TEXT (upload.youtube.comQ)] - 3 TCP 192.168.2.27:57452 <-> 172.217.23.111:443 [proto: 91.136/TLS.YouTubeUpload][cat: Media/1][6 pkts/649 bytes <-> 7 pkts/4799 bytes][TLSv1.2][client: upload.youtube.com][JA3C: bc6c386f480ee97b9d9e52d472b772d8][server: upload.video.google.com][JA3S: b26c652e0a402a24b5ca2a660e84f9d5][organization: Google Inc][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 1 UDP 192.168.2.27:51925 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][80 pkts/100473 bytes <-> 20 pkts/6003 bytes][Host: upload.youtube.com][pktlen c2s avg(stddev)/entropy: 5.0(1255.9)/385.3][pktlen s2c avg(stddev)/entropy: 3.1(300.1)/473.5][bytes ratio: 0.89][PLAIN TEXT (upload.youtube.comQ)] + 2 UDP 192.168.2.27:62232 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][13 pkts/8651 bytes <-> 11 pkts/6463 bytes][Host: upload.youtube.com][pktlen c2s avg(stddev)/entropy: 2.9(665.5)/633.6][pktlen s2c avg(stddev)/entropy: 2.6(587.5)/618.0][bytes ratio: 0.14][PLAIN TEXT (upload.youtube.comQ)] + 3 TCP 192.168.2.27:57452 <-> 172.217.23.111:443 [proto: 91.136/TLS.YouTubeUpload][cat: Media/1][6 pkts/649 bytes <-> 7 pkts/4799 bytes][pktlen c2s avg(stddev)/entropy: 2.3(108.2)/73.1][pktlen s2c avg(stddev)/entropy: 2.1(685.6)/634.0][bytes ratio: -0.76][TLSv1.2][client: upload.youtube.com][JA3C: bc6c386f480ee97b9d9e52d472b772d8][server: upload.video.google.com][JA3S: b26c652e0a402a24b5ca2a660e84f9d5][organization: Google Inc][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] 
diff --git a/tests/result/zcash.pcap.out b/tests/result/zcash.pcap.out index 84e44e9a3..f7003bef4 100644 --- a/tests/result/zcash.pcap.out +++ b/tests/result/zcash.pcap.out @@ -1,3 +1,3 @@ Mining 145 20644 1 - 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes][PLAIN TEXT (method)] + 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes][pktlen c2s avg(stddev)/entropy: 4.7(142.0)/91.4][pktlen s2c avg(stddev)/entropy: 4.8(142.9)/88.4][bytes ratio: 0.14][PLAIN TEXT (method)] |
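Review bot: The regenerated expectations freeze a label/value mismatch: in `[pktlen c2s avg(stddev)/entropy: 4.7(142.0)/91.4]` for the 83 pkts/11785 bytes direction, the parenthesised number is the mean (11785/83 ≈ 142.0), so the fields are evidently printed as entropy(avg)/stddev while the label promises avg(stddev)/entropy. The same holds in the other `.pcap.out` hunks shown here, and the one-directional flows in whatsapp_login_chat.pcap.out additionally record `0.0(nan)/0.0` for the empty side, which looks like a mean taken over zero samples. Anyone using these fields as flow features for classification or anomaly triage would read the wrong statistic, and a `nan` token is awkward for downstream parsers of this output. I would fix the formatter before accepting these baselines, either by passing the values in label order or by relabelling to `entropy(avg)/stddev`, and by printing a direction's block only when that side has packets (or emitting `0.0` for an empty series).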