diff options
Diffstat (limited to 'tests')
91 files changed, 1913 insertions, 1913 deletions
diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out index 73d91f0af..e2d5cea15 100644 --- a/tests/result/1kxun.pcap.out +++ b/tests/result/1kxun.pcap.out @@ -19,135 +19,135 @@ JA3 Host Stats: 1 192.168.5.16 2 - 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Host: 183.131.48.144][bytes ratio: -0.836 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 189.9/321.4 862/665 235.6/194.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.0/1060.5 557/1078 44.0/127.3][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][ContentType: video/mp4][UserAgent: ][PLAIN TEXT (GET /vlive.qq)] - 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Host: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472.5/1028.9 44994/45054 11986.3/6713.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 95.7/1209.9 416/1314 113.3/325.4][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] - 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Host: pic.1kxun.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3465.9/3.9 44999/62 11989.6/12.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 135.6/1145.0 415/1314 149.1/400.0][URL: pic.1kxun.com/video_kankan/images/videos/3578-ywzj.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] - 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Host: pic.1kxun.com][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2648.9/11.6 44748/253 10524.9/44.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116.1/1126.9 415/1314 133.3/398.1][URL: pic.1kxun.com/video_kankan/images/videos/3713-ydm.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] - 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Host: pic.1kxun.com][bytes ratio: -0.887 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3006.5/1410.1 44996/45052 11222.2/7838.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 128.2/1131.9 423/1314 145.2/402.7][URL: pic.1kxun.com/video_kankan/images/videos/4657-jfyj.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] - 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.892 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15.8/8.0 194/109 46.1/23.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87.5/1207.9 411/1314 102.3/329.2][URL: jp.kankan.1kxun.mobi/api/movies/mp4script/10410?definition=true][StatusCode: 200][ContentType: text/xml][UserAgent: ][PLAIN TEXT (GET /api/movies/mp4)] - 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Host: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11.6/6.1 66/65 22.8/18.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100.8/1095.5 415/1314 118.8/461.2][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] - 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Host: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632.4/3.6 45001/65 14880.0/14.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116.3/1099.3 415/1314 133.6/455.3][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] - 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Host: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 48.8/52.0 298/178 81.1/57.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 235.8/538.8 499/1314 192.8/555.7][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][ContentType: application/x-www-form-urlencoded][UserAgent: Mozilla/5.0][PLAIN TEXT (POST /api/proxy)] - 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 3.8/1.8 10/8 3.7/3.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.7/1102.8 334/1514 99.1/610.2][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][ContentType: image/jpeg][UserAgent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)] - 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3.2/1.7 10/6 4.1/2.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.7/1060.2 334/1514 99.1/619.9][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][ContentType: image/jpeg][UserAgent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)] - 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 511.6/0.0 2044/0 526.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 557.6/0.0 590/0 29.6/0.0][PLAIN TEXT (NOTIFY )] - 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 102/0 511.5/0.0 2044/0 526.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 482/0 529.6/0.0 562/0 29.6/0.0][PLAIN TEXT (NOTIFY )] - 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/TLS][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352.0/2546.4 3289/14274 979.8/4917.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482.2/116.5 1514/386 581.5/101.3] - 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Host: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70.1/191.0 476/506 135.7/201.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197.2/200.0 499/372 175.9/149.1][URL: vv.video.qq.com/getvinfo][StatusCode: 100][ContentType: ][UserAgent: Mozilla/5.0][PLAIN TEXT (POST /getvinfo HTTP/1.1)] - 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3105.8/0.0 12289/0 3176.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342.0/0.0 342/0 0.0/0.0] - 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60.0/44.0 176/133 82.0/54.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512.5/459.4 1159/1464 468.4/535.8] - 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2322.6/4176.2 15252/15254 4895.4/5951.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178.1/210.4 1067/1055 287.5/323.1][TLSv1.2][Client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746.1/1336.2 5987/5987 1865.2/2340.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177.7/210.4 1067/1055 287.4/323.1][TLSv1.2][Client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753.4/1500.5 5998/5998 1982.3/2596.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 189.5/231.9 1067/1055 298.9/340.1][TLSv1.2][Client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.2/16.0 36/43 13.3/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141.0/456.4 390/1314 143.8/511.5][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][ContentType: application/json][UserAgent: ][PLAIN TEXT (GET /api/videos/10410.j)] - 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 981.8/1763.2 6000/6000 1977.8/2381.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 176.6/158.4 1051/639 283.0/188.4][TLSv1.2][Client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5638.9/28.5 44799/53 14801.4/24.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139.4/366.0 468/1272 164.4/523.1][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][ContentType: application/x-javascript][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/10410.j)] - 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 63.5/63.5 205/212 84.1/87.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201.2/297.4 471/1223 139.5/462.8] - 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488.2/0.0 17921/0 4136.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Host: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5642.8/39.5 44798/70 14799.6/30.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 140.6/245.0 474/788 166.8/313.5][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][ContentType: application/json][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/alsolikes/10410)] - 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Host: 183.131.48.145][bytes ratio: 0.244 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 28.5/41.5 74/83 34.4/41.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 142.8/216.8 486/687 171.7/271.5][URL: 183.131.48.145/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 302][ContentType: ][UserAgent: ][PLAIN TEXT (GET /vlive.qq)] - 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 5110.0/0.0 15056/0 4451.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198.4/0.0 14952/0 3584.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4679.7/0.0 19869/0 5063.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Host: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2390.6/3919.0 11352/11551 4481.4/5397.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142.3/197.2 331/390 116.9/157.4][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][ContentType: text/html][UserAgent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)] - 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5540.9/0.0 19870/0 5204.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631.2/0.0 15155/0 3854.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126.4/0.0 24065/0 7503.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5631.9/0.0 18024/0 4842.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 53.9/119.0 318/119 106.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88.0/190.7 212/446 62.2/180.6][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0][PLAIN TEXT (GET /api/qq)] - 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5441.7/0.0 17101/0 4875.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8173.7/0.0 27242/0 8848.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)] - 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] - 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2798.8/0.0 5942/0 1567.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][Host: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708.2/0.0 9111/0 2901.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92.0/0.0 92/0 0.0/0.0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)] - 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][Host: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)] - 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][Host: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 299.6/0.0 749/0 366.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92.0/0.0 92/0 0.0/0.0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)] - 45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)] - 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes] - 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes] - 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (official)] - 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14998.7/45002.0 44996/45002 21211.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55.0/66.0 55/66 0.0/0.0] - 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)] - 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)] - 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com] - 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][Host: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)] - 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (kankan)] - 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com] - 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)] - 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)] - 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad] - 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes] - 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: nasfile][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)] - 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________] - 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________] - 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________] - 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes] - 70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)] - 73 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)] - 79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________] - 80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________] - 81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________] - 82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: kasper-mac][PLAIN TEXT (Kasper)] - 85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: wangs-ltw] - 87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc][PLAIN TEXT (Joanna)] - 88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc][PLAIN TEXT (Joanna)] - 89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc][PLAIN TEXT (Joanna)] - 90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: joanna-pc][PLAIN TEXT (Joanna)] - 91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)] - 92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)] - 93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] - 97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: usher-pc] - 98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)] - 100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: ro_x1c] - 101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes] - 102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] - 103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes] - 104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes] - 105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Host: gfile][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)] - 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)] - 107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)] - 111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-pc][PLAIN TEXT (charming)] - 113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-pc] - 114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-pc] - 115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)] + 1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Web/5][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Goodput ratio: 6.7/94.9][51.74 sec][Host: 183.131.48.144][bytes ratio: -0.836 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 189.9/321.4 862/665 235.6/194.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.0/1060.5 557/1078 44.0/127.3][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][ContentType: video/mp4][UserAgent: ][PLAIN TEXT (GET /vlive.qq)] + 2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42.1/95.5][45.37 sec][Host: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472.5/1028.9 44994/45054 11986.3/6713.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 95.7/1209.9 416/1314 113.3/325.4][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] + 3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Goodput ratio: 59.2/95.2][45.30 sec][Host: pic.1kxun.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3465.9/3.9 44999/62 11989.6/12.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 135.6/1145.0 415/1314 149.1/400.0][URL: pic.1kxun.com/video_kankan/images/videos/3578-ywzj.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] + 4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Goodput ratio: 51.7/95.1][45.33 sec][Host: pic.1kxun.com][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2648.9/11.6 44748/253 10524.9/44.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116.1/1126.9 415/1314 133.3/398.1][URL: pic.1kxun.com/video_kankan/images/videos/3713-ydm.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] + 5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Goodput ratio: 56.9/95.2][45.32 sec][Host: pic.1kxun.com][bytes ratio: -0.887 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3006.5/1410.1 44996/45052 11222.2/7838.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 128.2/1131.9 423/1314 145.2/402.7][URL: pic.1kxun.com/video_kankan/images/videos/4657-jfyj.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] + 6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Goodput ratio: 37.1/95.5][0.42 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.892 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15.8/8.0 194/109 46.1/23.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87.5/1207.9 411/1314 102.3/329.2][URL: jp.kankan.1kxun.mobi/api/movies/mp4script/10410?definition=true][StatusCode: 200][ContentType: text/xml][UserAgent: ][PLAIN TEXT (GET /api/movies/mp4)] + 7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 44.9/95.0][45.24 sec][Host: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11.6/6.1 66/65 22.8/18.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100.8/1095.5 415/1314 118.8/461.2][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] + 8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 51.8/95.0][45.24 sec][Host: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632.4/3.6 45001/65 14880.0/14.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116.3/1099.3 415/1314 133.6/455.3][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)] + 9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 76.6/89.5][1.19 sec][Host: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 48.8/52.0 298/178 81.1/57.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 235.8/538.8 499/1314 192.8/555.7][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][ContentType: application/x-www-form-urlencoded][UserAgent: Mozilla/5.0][PLAIN TEXT (POST /api/proxy)] + 10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 39.6/93.9][0.02 sec][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 3.8/1.8 10/8 3.7/3.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.7/1102.8 334/1514 99.1/610.2][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][ContentType: image/jpeg][UserAgent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)] + 11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 39.6/93.7][0.01 sec][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3.2/1.7 10/6 4.1/2.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.7/1060.2 334/1514 99.1/619.9][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][ContentType: image/jpeg][UserAgent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)] + 12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.9/0.0][8.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 511.6/0.0 2044/0 526.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 557.6/0.0 590/0 29.6/0.0][PLAIN TEXT (NOTIFY )] + 13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.1/0.0][8.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 102/0 511.5/0.0 2044/0 526.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 482/0 529.6/0.0 562/0 29.6/0.0][PLAIN TEXT (NOTIFY )] + 14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/TLS][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][Goodput ratio: 88.3/51.0][18.02 sec][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352.0/2546.4 3289/14274 979.8/4917.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482.2/116.5 1514/386 581.5/101.3] + 15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71.2/71.7][1.09 sec][Host: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70.1/191.0 476/506 135.7/201.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197.2/200.0 499/372 175.9/149.1][URL: vv.video.qq.com/getvinfo][StatusCode: 100][ContentType: ][UserAgent: Mozilla/5.0][PLAIN TEXT (POST /getvinfo HTTP/1.1)] + 16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.7/0.0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3105.8/0.0 12289/0 3176.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342.0/0.0 342/0 0.0/0.0] + 17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87.1/85.6][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60.0/44.0 176/133 82.0/54.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512.5/459.4 1159/1464 468.4/535.8] + 18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 66.6/72.1][20.95 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2322.6/4176.2 15252/15254 4895.4/5951.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178.1/210.4 1067/1055 287.5/323.1][TLSv1.2][Client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 66.5/72.1][6.76 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746.1/1336.2 5987/5987 1865.2/2340.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177.7/210.4 1067/1055 287.4/323.1][TLSv1.2][Client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 68.6/74.8][6.08 sec][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753.4/1500.5 5998/5998 1982.3/2596.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 189.5/231.9 1067/1055 298.9/340.1][TLSv1.2][Client: 1][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 59.5/87.3][0.09 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.2/16.0 36/43 13.3/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141.0/456.4 390/1314 143.8/511.5][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][ContentType: application/json][UserAgent: ][PLAIN TEXT (GET /api/videos/10410.j)] + 22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66.3/63.0][8.90 sec][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 981.8/1763.2 6000/6000 1977.8/2381.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 176.6/158.4 1051/639 283.0/188.4][TLSv1.2][Client: 1][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59.5/83.1][45.16 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5638.9/28.5 44799/53 14801.4/24.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139.4/366.0 468/1272 164.4/523.1][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][ContentType: application/x-javascript][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/10410.j)] + 24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67.1/77.8][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 63.5/63.5 205/212 84.1/87.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201.2/297.4 471/1223 139.5/462.8] + 25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][56.94 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488.2/0.0 17921/0 4136.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 59.8/74.8][45.21 sec][Host: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5642.8/39.5 44798/70 14799.6/30.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 140.6/245.0 474/788 166.8/313.5][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][ContentType: application/json][UserAgent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/alsolikes/10410)] + 27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Goodput ratio: 60.5/72.9][0.23 sec][Host: 183.131.48.145][bytes ratio: 0.244 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 28.5/41.5 74/83 34.4/41.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 142.8/216.8 486/687 171.7/271.5][URL: 183.131.48.145/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 302][ContentType: ][UserAgent: ][PLAIN TEXT (GET /vlive.qq)] + 28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][59.19 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 5110.0/0.0 15056/0 4451.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198.4/0.0 14952/0 3584.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][49.87 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4679.7/0.0 19869/0 5063.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52.4/65.7][31.95 sec][Host: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2390.6/3919.0 11352/11551 4481.4/5397.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142.3/197.2 331/390 116.9/157.4][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][ContentType: text/html][UserAgent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)] + 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][49.87 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5540.9/0.0 19870/0 5204.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.5/0.0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631.2/0.0 15155/0 3854.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.5/0.0][57.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126.4/0.0 24065/0 7503.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5631.9/0.0 18024/0 4842.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 35.9/69.3][0.74 sec][Host: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 53.9/119.0 318/119 106.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88.0/190.7 212/446 62.2/180.6][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0][PLAIN TEXT (GET /api/qq)] + 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.5/0.0][38.10 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5441.7/0.0 17101/0 4875.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.9/0.0][57.22 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8173.7/0.0 27242/0 8848.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.7/0.0][46.39 sec][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)] + 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Goodput ratio: 87.6/87.6][30.01 sec][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] + 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.5/0.0][16.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2798.8/0.0 5942/0 1567.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.3/0.0][30.61 sec][Host: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708.2/0.0 9111/0 2901.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92.0/0.0 92/0 0.0/0.0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)] + 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.4/0.0][0.00 sec][Host: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)] + 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.2/0.0][1.50 sec][Host: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 299.6/0.0 749/0 366.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92.0/0.0 92/0 0.0/0.0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)] + 45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][Goodput ratio: 84.5/0.0][< 1 sec][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)] + 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.7/0.0][15.56 sec] + 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.6/0.0][14.54 sec] + 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Goodput ratio: 52.2/85.2][0.01 sec][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (official)] + 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 1.8/0.0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14998.7/45002.0 44996/45002 21211.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55.0/66.0 55/66 0.0/0.0] + 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.5/0.0][< 1 sec][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)] + 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.5/0.0][< 1 sec][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)] + 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42.2/68.8][0.05 sec][Host: pic.1kxun.com] + 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.2/0.0][1.54 sec][Host: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)] + 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47.2/61.9][0.02 sec][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (kankan)] + 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Goodput ratio: 43.7/63.2][0.04 sec][Host: vv.video.qq.com] + 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44.4/60.6][1.05 sec][Host: kankan.1kxun.com][PLAIN TEXT (kankan)] + 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44.4/60.6][0.00 sec][Host: kankan.1kxun.com][PLAIN TEXT (kankan)] + 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Goodput ratio: 34.2/0.0][0.10 sec][Host: wpad] + 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][36.19 sec] + 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 34.6/0.0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)] + 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 34.6/0.0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)] + 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.1/0.0][1.02 sec][Host: nasfile][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)] + 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32.4/0.0][0.41 sec][Host: ____________] + 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32.4/0.0][0.10 sec][Host: ____________] + 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32.4/0.0][0.41 sec][Host: ____________] + 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Goodput ratio: 31.7/0.0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)] + 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30.2/0.0][0.10 sec][Host: wangs-ltw] + 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30.2/0.0][0.10 sec][Host: wangs-ltw] + 69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes][Goodput ratio: 1.8/0.0][0.01 sec] + 70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.4/0.0][0.10 sec][Host: kevin-pc] + 71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.4/0.0][0.10 sec][Host: kevin-pc] + 72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 28.6/0.0][0.10 sec][Host: sonusav][PLAIN TEXT (sonusav)] + 73 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.7/0.0][0.10 sec][Host: isatap][PLAIN TEXT (isatap)] + 74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.7/0.0][0.11 sec][Host: isatap][PLAIN TEXT (isatap)] + 75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.7/0.0][0.41 sec][Host: ro_x1c] + 76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.7/0.0][0.41 sec][Host: ro_x1c] + 77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.7/0.0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)] + 78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.7/0.0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)] + 79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.4/0.0][0.41 sec][Host: ____________] + 80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.4/0.0][0.10 sec][Host: ____________] + 81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.4/0.0][0.41 sec][Host: ____________] + 82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.6/0.0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)] + 83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.6/0.0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)] + 84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.7/0.0][0.41 sec][Host: kasper-mac][PLAIN TEXT (Kasper)] + 85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.8/0.0][0.10 sec][Host: wangs-ltw] + 86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.8/0.0][0.10 sec][Host: wangs-ltw] + 87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.8/0.0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)] + 88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.8/0.0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)] + 89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.8/0.0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)] + 90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.8/0.0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)] + 91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.41 sec][Host: notebook][PLAIN TEXT (notebook)] + 92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.41 sec][Host: notebook][PLAIN TEXT (notebook)] + 93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.10 sec][Host: kevin-pc] + 94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.10 sec][Host: jason-pc] + 95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.10 sec][Host: jason-pc] + 96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.10 sec][Host: usher-pc] + 97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.10 sec][Host: usher-pc] + 98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.11 sec][Host: isatap][PLAIN TEXT (isatap)] + 99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.10 sec][Host: isatap][PLAIN TEXT (isatap)] + 100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.41 sec][Host: ro_x1c] + 101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.41 sec] + 102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][22.90 sec] + 103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.4/0.0][< 1 sec] + 105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 53.8/0.0][< 1 sec][Host: gfile][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)] + 106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 53.8/0.0][< 1 sec][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)] + 107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 31.5/0.0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)] + 108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 31.5/0.0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)] + 109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][< 1 sec] + 110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.2/0.0][< 1 sec][PLAIN TEXT (googlecast)] + 111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)] + 112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)] + 113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec][Host: kevin-pc] + 114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec][Host: jason-pc] + 115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec][Host: sonusav][PLAIN TEXT (sonusav)] Undetected flows: - 1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes] - 2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)] - 7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 9 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/177 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 10 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (AABHZW50cmljZV9)] - 11 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (icRVSoU)] - 12 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/163 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.4 )] - 13 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )] - 14 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (dDYcTc4)] + 1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.3/0.0][40.04 sec] + 2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84.0/0.0][30.00 sec][PLAIN TEXT (Switch)] + 3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84.0/0.0][30.01 sec][PLAIN TEXT (Switch)] + 4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.2/0.0][30.11 sec][PLAIN TEXT (Switch)] + 5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.2/0.0][30.10 sec][PLAIN TEXT (Switch)] + 6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.1/0.0][< 1 sec][PLAIN TEXT (Switch)] + 7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 68.2/0.0][< 1 sec][PLAIN TEXT (6.35.1 )] + 8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][Goodput ratio: 66.1/0.0][< 1 sec][PLAIN TEXT (6.35.1 )] + 9 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/177 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.8/0.0][< 1 sec][PLAIN TEXT (6.35.1 )] + 10 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.5/0.0][34.71 sec][PLAIN TEXT (AABHZW50cmljZV9)] + 11 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.5/0.0][34.72 sec][PLAIN TEXT (icRVSoU)] + 12 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 73.8/0.0][< 1 sec][PLAIN TEXT (6.35.4 )] + 13 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 69.9/0.0][< 1 sec][PLAIN TEXT (6.35.1 )] + 14 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.2/0.0][< 1 sec][PLAIN TEXT (dDYcTc4)] diff --git a/tests/result/6in4tunnel.pcap.out b/tests/result/6in4tunnel.pcap.out index 34879997f..8682fab94 100644 --- a/tests/result/6in4tunnel.pcap.out +++ b/tests/result/6in4tunnel.pcap.out @@ -9,13 +9,13 @@ JA3 Host Stats: 1 2001:470:1f17:13f:3e97:eff:fe73:4dec 2 - 1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/TLS][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 52.8/36.3 142/142 56.7/54.5][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 165.1/934.6 629/1847 138.8/679.8][TLSv1.2][Client: mail.tomasu.net][JA3C: 812d8bce0f85487ba7834d36568ed586][Server: mail.tomasu.net][JA3S: 389ed42c02ebecc32e73aa31def07e14][Certificate SHA-1: 9C:00:A2:31:8F:66:C6:E2:D8:E8:1E:6F:52:49:AD:15:0A:8B:7C:68][Validity: 2014-01-29 00:00:00 - 2019-01-28 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 20.1/23.5 98/97 33.1/35.6][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 383.0/468.8 1504/1911 467.5/575.9][TLSv1.2][Client: www.facebook.com][JA3C: eb7cdd4e7dea7a11b3016c3c9acbd2a3][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: 93:C6:FD:1A:84:90:BB:F1:B2:3B:49:A0:9B:1F:6F:0B:46:7A:31:41][Validity: 2014-08-28 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1000/992 1000.8/1000.8 1001/1012 0.4/4.2][Pkt Len c2s/s2c min/avg/max/stddev: 138/138 138.0/138.0 138/138 0.0/0.0] - 4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Host: mail.tomasu.net][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 163.8/56.0 495/110 170.8/54.0][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 131.0/251.5 248/680 52.4/247.4][URL: mail.tomasu.net/][StatusCode: 301][ContentType: text/html][UserAgent: Wget/1.16.3 (linux-gnu)][PLAIN TEXT (GET / HTTP/1.1)] - 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes][PLAIN TEXT (ds 0/u6)] - 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Host: star.c10r.facebook.com][PLAIN TEXT (facebook)] - 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Host: star.c10r.facebook.com][PLAIN TEXT (facebook)] - 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes] - 9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes] - 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes] + 1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/TLS][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][Goodput ratio: 35.5/88.6][0.60 sec][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 52.8/36.3 142/142 56.7/54.5][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 165.1/934.6 629/1847 138.8/679.8][TLSv1.2][Client: mail.tomasu.net][JA3C: 812d8bce0f85487ba7834d36568ed586][Server: mail.tomasu.net][JA3S: 389ed42c02ebecc32e73aa31def07e14][Certificate SHA-1: 9C:00:A2:31:8F:66:C6:E2:D8:E8:1E:6F:52:49:AD:15:0A:8B:7C:68][Validity: 2014-01-29 00:00:00 - 2019-01-28 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][Goodput ratio: 72.2/76.8][0.53 sec][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 20.1/23.5 98/97 33.1/35.6][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 383.0/468.8 1504/1911 467.5/575.9][TLSv1.2][Client: www.facebook.com][JA3C: eb7cdd4e7dea7a11b3016c3c9acbd2a3][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: 93:C6:FD:1A:84:90:BB:F1:B2:3B:49:A0:9B:1F:6F:0B:46:7A:31:41][Validity: 2014-08-28 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes][Goodput ratio: 40.6/40.6][22.14 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1000/992 1000.8/1000.8 1001/1012 0.4/4.2][Pkt Len c2s/s2c min/avg/max/stddev: 138/138 138.0/138.0 138/138 0.0/0.0] + 4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Goodput ratio: 18.0/57.0][0.82 sec][Host: mail.tomasu.net][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 163.8/56.0 495/110 170.8/54.0][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 131.0/251.5 248/680 52.4/247.4][URL: mail.tomasu.net/][StatusCode: 301][ContentType: text/html][UserAgent: Wget/1.16.3 (linux-gnu)][PLAIN TEXT (GET / HTTP/1.1)] + 5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes][Goodput ratio: 93.7/0.0][< 1 sec][PLAIN TEXT (ds 0/u6)] + 6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Goodput ratio: 38.1/69.7][0.09 sec][Host: star.c10r.facebook.com][PLAIN TEXT (facebook)] + 7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Goodput ratio: 38.1/68.3][0.09 sec][Host: star.c10r.facebook.com][PLAIN TEXT (facebook)] + 8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][Goodput ratio: 30.1/0.0][0.01 sec] + 9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][Goodput ratio: 30.1/0.0][0.07 sec] + 10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes][Goodput ratio: 58.7/0.0][< 1 sec] diff --git a/tests/result/BGP_Cisco_hdlc_slarp.pcap.out b/tests/result/BGP_Cisco_hdlc_slarp.pcap.out index 8467c71ad..c2155e59f 100644 --- a/tests/result/BGP_Cisco_hdlc_slarp.pcap.out +++ b/tests/result/BGP_Cisco_hdlc_slarp.pcap.out @@ -1,3 +1,3 @@ BGP 14 969 1 - 1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes][bytes ratio: -0.199 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10013.6/9944.2 50028/49681 20007.2/19868.4][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 55.4/83.0 101/195 19.7/48.8] + 1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes][Goodput ratio: 19.5/46.2][50.10 sec][bytes ratio: -0.199 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10013.6/9944.2 50028/49681 20007.2/19868.4][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 55.4/83.0 101/195 19.7/48.8] diff --git a/tests/result/BGP_redist.pcap.out b/tests/result/BGP_redist.pcap.out index dddd85947..a78358a36 100644 --- a/tests/result/BGP_redist.pcap.out +++ b/tests/result/BGP_redist.pcap.out @@ -1,4 +1,4 @@ BGP 2 322 2 - 1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes] - 2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes] + 1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 70.1/0.0][< 1 sec] + 2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes][Goodput ratio: 71.9/0.0][< 1 sec] diff --git a/tests/result/EAQ.pcap.out b/tests/result/EAQ.pcap.out index d159305ab..e2f9fbb6b 100644 --- a/tests/result/EAQ.pcap.out +++ b/tests/result/EAQ.pcap.out @@ -1,34 +1,34 @@ Google 23 11743 2 EAQ 174 10092 29 - 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Host: www.google.com.br][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/8 76.3/114.2 400/349 145.8/136.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 73.9/1666.3 193/2818 45.5/1240.4][URL: www.google.com.br/?gfe_rd=cr&ei=1BxnVcP9OKKk8we50oDAAg][StatusCode: 200][ContentType: text/html][UserAgent: test][PLAIN TEXT (we50oDAAg HTTP/1.1)] - 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Host: www.google.com][bytes ratio: -0.324 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/10 50.8/49.5 139/89 54.1/39.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.0/191.0 154/602 38.8/237.3][URL: www.google.com/][StatusCode: 302][ContentType: text/html][UserAgent: test][PLAIN TEXT (GET / HTTP/1.1)] - 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21509/21499 21642.0/21641.8 21860/21869 132.0/138.2][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20533/20540 21310.5/21309.5 21609/21619 449.8/445.7][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20541/20540 21309.5/21304.5 21618/21649 445.1/444.9][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21500/21510 21554.2/21642.2 21649/21860 56.5/131.6][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21489/21529 21552.0/21561.8 21630/21609 53.5/30.9][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21529/21528 21561.8/21559.2 21609/21609 30.9/33.3][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21479/21489 21550.8/21551.8 21630/21629 55.7/53.2][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21499/21480 21641.8/21641.8 21869/21869 138.2/142.1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes] - 21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] - 31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes] + 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Goodput ratio: 23.5/96.7][0.51 sec][Host: www.google.com.br][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/8 76.3/114.2 400/349 145.8/136.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 73.9/1666.3 193/2818 45.5/1240.4][URL: www.google.com.br/?gfe_rd=cr&ei=1BxnVcP9OKKk8we50oDAAg][StatusCode: 200][ContentType: text/html][UserAgent: test][PLAIN TEXT (we50oDAAg HTTP/1.1)] + 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Goodput ratio: 25.6/71.6][0.20 sec][Host: www.google.com][bytes ratio: -0.324 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/10 50.8/49.5 139/89 54.1/39.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.0/191.0 154/602 38.8/237.3][URL: www.google.com/][StatusCode: 302][ContentType: text/html][UserAgent: test][PLAIN TEXT (GET / HTTP/1.1)] + 3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21509/21499 21642.0/21641.8 21860/21869 132.0/138.2][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][85.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20533/20540 21310.5/21309.5 21609/21619 449.8/445.7][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][85.29 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20541/20540 21309.5/21304.5 21618/21649 445.1/444.9][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21500/21510 21554.2/21642.2 21649/21860 56.5/131.6][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][86.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21489/21529 21552.0/21561.8 21630/21609 53.5/30.9][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][86.31 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21529/21528 21561.8/21559.2 21609/21609 30.9/33.3][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][86.31 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21479/21489 21550.8/21551.8 21630/21629 55.7/53.2][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][86.63 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21499/21480 21641.8/21641.8 21869/21869 138.2/142.1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.35 sec] + 15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.57 sec] + 17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.57 sec] + 20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][86.22 sec] + 21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][63.69 sec] + 23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.68 sec] + 25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][65.69 sec] + 29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] + 31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][64.69 sec] diff --git a/tests/result/KakaoTalk_chat.pcap.out b/tests/result/KakaoTalk_chat.pcap.out index 2d09187a8..56040e1be 100644 --- a/tests/result/KakaoTalk_chat.pcap.out +++ b/tests/result/KakaoTalk_chat.pcap.out @@ -13,41 +13,41 @@ JA3 Host Stats: 1 10.24.82.188 3 - 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.1/57.0 123/297 41.2/77.4][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 203.6/364.4 1053/1336 304.3/448.8][TLSv1.2][Client: graph.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][bytes ratio: -0.433 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.2/34.8 106/208 36.5/55.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 183.9/433.5 1257/1336 331.5/513.1][TLSv1.2][Client: developers.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][bytes ratio: -0.329 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 95.6/75.0 312/350 98.3/119.1][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 258.4/569.2 1401/1456 416.1/539.9][TLSv1.2][Client: api.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][bytes ratio: -0.249 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 410.8/374.9 2329/2320 582.3/599.4][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 142.4/263.4 710/1336 154.7/439.9][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71.3/71.2 489/365 131.0/103.2][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 167.2/388.7 899/1336 222.0/490.9][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][bytes ratio: -0.332 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2049.7/118.1 26937/448 6904.3/126.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 132.8/264.6 578/1336 133.6/439.4][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][cat: Web/5][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][bytes ratio: -0.429 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1113.6/74.5 10357/172 3082.4/61.9][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 156.6/363.6 429/1336 151.9/450.9][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Organization: Kakao Corp.][Certificate SHA-1: 0D:14:6D:8D:5E:EB:F5:F5:42:87:CD:AB:AE:A1:DC:AA:5A:76:6F:E4][Validity: 2014-04-18 00:00:00 - 2016-04-17 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes][bytes ratio: 0.137 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/36 2833.0/4340.0 12590/13131 4126.4/4406.8][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 131.2/188.3 657/274 136.4/75.5] - 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes][bytes ratio: 0.442 (Upload)][IAT c2s/s2c min/avg/max/stddev: 40/104 3455.9/3426.0 12765/12806 4427.1/4479.6][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 193.0/74.7 303/98 122.5/20.9] - 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/5 107.0/56.5 199/108 92.0/51.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 96.7/533.3 146/1456 35.0/652.4][TLSv1][JA3C: d9ce50c62ab1fd5932da3c6b6d406c65][Server: *.push.samsungosp.com][JA3S: 986d18bb49fadf70a73a06ead3780d55 (INSECURE)][Organization: SAMSUNG ELECTRONICS CO., LTD][Certificate SHA-1: CE:C6:14:8F:23:A0:C2:C9:C5:9A:B0:BB:EC:1D:4A:7E:33:2A:43:12][Validity: 1999-12-31 15:02:10 - 2049-12-18 15:02:10][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Host: www.facebook.com][bytes ratio: -0.126 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 40/40 114.7/101.7 264/210 105.6/76.8][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97.4/104.5 243/339 73.2/104.9][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Host: www.facebook.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 43/38 5451.5/101.3 21457/215 9241.2/80.5][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97.4/114.2 243/339 73.2/112.4][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 136/98 3845.2/3844.4 13075/13111 4718.5/4734.8][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 56.0/56.0 56/56 0.0/0.0] - 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/TLS][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes] - 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes] - 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/166 bytes][Host: katalk.kakao.com][PLAIN TEXT (katalk)] - 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Host: developers.facebook.com][PLAIN TEXT (developers)] - 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Host: graph.facebook.com][PLAIN TEXT (facebook)] - 19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Host: 2.97.252.173.in-addr.arpa][PLAIN TEXT (facebook)] - 20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/136 bytes][Host: ac-talk.kakao.com] - 21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/84 bytes <-> 1 pkts/130 bytes][Host: booking.loco.kakao.com][PLAIN TEXT (booking)] - 22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/82 bytes <-> 1 pkts/126 bytes][Host: up-gp.talk.kakao.com] - 23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-p.talk.kakao.com] - 24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-v.talk.kakao.com] - 25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-m.talk.kakao.com] - 26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-a.talk.kakao.com] - 27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Host: up-c.talk.kakao.com] - 28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] - 29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Host: plus-talk.kakao.com] - 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Host: api.facebook.com][PLAIN TEXT (facebook)] - 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: auth.kakao.com] - 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Host: item.kakao.com] - 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes] - 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/97 bytes][Host: dn-l.talk.kakao.com] - 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] - 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes] - 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes] - 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] + 1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][Goodput ratio: 71.9/84.5][0.98 sec][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.1/57.0 123/297 41.2/77.4][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 203.6/364.4 1053/1336 304.3/448.8][TLSv1.2][Client: graph.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][Goodput ratio: 68.8/86.9][0.55 sec][bytes ratio: -0.433 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.2/34.8 106/208 36.5/55.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 183.9/433.5 1257/1336 331.5/513.1][TLSv1.2][Client: developers.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][Goodput ratio: 73.3/87.9][0.77 sec][bytes ratio: -0.329 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 95.6/75.0 312/350 98.3/119.1][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 258.4/569.2 1401/1456 416.1/539.9][TLSv1.2][Client: api.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][Server: *.facebook.com][JA3S: 6806b8fe92d7d465715d771eb102ff04][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][Goodput ratio: 59.3/78.5][10.77 sec][bytes ratio: -0.249 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 410.8/374.9 2329/2320 582.3/599.4][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 142.4/263.4 710/1336 154.7/439.9][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][Goodput ratio: 65.7/85.4][0.86 sec][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71.3/71.2 489/365 131.0/103.2][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 167.2/388.7 899/1336 222.0/490.9][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][Goodput ratio: 57.0/78.6][28.98 sec][bytes ratio: -0.332 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2049.7/118.1 26937/448 6904.3/126.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 132.8/264.6 578/1336 133.6/439.4][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.facebook.com][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Organization: Facebook, Inc.][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][cat: Web/5][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][Goodput ratio: 63.2/84.4][11.34 sec][bytes ratio: -0.429 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1113.6/74.5 10357/172 3082.4/61.9][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 156.6/363.6 429/1336 151.9/450.9][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][Server: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Organization: Kakao Corp.][Certificate SHA-1: 0D:14:6D:8D:5E:EB:F5:F5:42:87:CD:AB:AE:A1:DC:AA:5A:76:6F:E4][Validity: 2014-04-18 00:00:00 - 2016-04-17 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes][Goodput ratio: 47.8/63.4][46.77 sec][bytes ratio: 0.137 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/36 2833.0/4340.0 12590/13131 4126.4/4406.8][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 131.2/188.3 657/274 136.4/75.5] + 9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes][Goodput ratio: 70.9/25.0][24.52 sec][bytes ratio: 0.442 (Upload)][IAT c2s/s2c min/avg/max/stddev: 40/104 3455.9/3426.0 12765/12806 4427.1/4479.6][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 193.0/74.7 303/98 122.5/20.9] + 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][Goodput ratio: 26.8/86.7][0.31 sec][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/5 107.0/56.5 199/108 92.0/51.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 96.7/533.3 146/1456 35.0/652.4][TLSv1][JA3C: d9ce50c62ab1fd5932da3c6b6d406c65][Server: *.push.samsungosp.com][JA3S: 986d18bb49fadf70a73a06ead3780d55 (INSECURE)][Organization: SAMSUNG ELECTRONICS CO., LTD][Certificate SHA-1: CE:C6:14:8F:23:A0:C2:C9:C5:9A:B0:BB:EC:1D:4A:7E:33:2A:43:12][Validity: 1999-12-31 15:02:10 - 2049-12-18 15:02:10][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Goodput ratio: 38.3/45.1][21.97 sec][Host: www.facebook.com][bytes ratio: -0.126 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 40/40 114.7/101.7 264/210 105.6/76.8][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97.4/104.5 243/339 73.2/104.9][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Goodput ratio: 38.3/49.5][21.81 sec][Host: www.facebook.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 43/38 5451.5/101.3 21457/215 9241.2/80.5][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97.4/114.2 243/339 73.2/112.4][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes][Goodput ratio: 0.0/0.0][25.75 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 136/98 3845.2/3844.4 13075/13111 4718.5/4734.8][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 56.0/56.0 56/56 0.0/0.0] + 14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/TLS][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes][Goodput ratio: 0.0/0.0][13.28 sec] + 15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes][Goodput ratio: 19.3/0.0][0.03 sec] + 16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/166 bytes][Goodput ratio: 43.0/73.1][0.04 sec][Host: katalk.kakao.com][PLAIN TEXT (katalk)] + 17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Goodput ratio: 47.7/69.0][0.05 sec][Host: developers.facebook.com][PLAIN TEXT (developers)] + 18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Goodput ratio: 44.4/67.6][0.04 sec][Host: graph.facebook.com][PLAIN TEXT (facebook)] + 19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Goodput ratio: 48.9/65.6][0.05 sec][Host: 2.97.252.173.in-addr.arpa][PLAIN TEXT (facebook)] + 20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/136 bytes][Goodput ratio: 43.8/67.2][0.04 sec][Host: ac-talk.kakao.com] + 21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/84 bytes <-> 1 pkts/130 bytes][Goodput ratio: 47.1/65.6][0.04 sec][Host: booking.loco.kakao.com][PLAIN TEXT (booking)] + 22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/82 bytes <-> 1 pkts/126 bytes][Goodput ratio: 45.8/64.6][0.04 sec][Host: up-gp.talk.kakao.com] + 23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45.1/64.0][0.13 sec][Host: up-p.talk.kakao.com] + 24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45.1/64.0][0.13 sec][Host: up-v.talk.kakao.com] + 25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45.1/64.0][0.04 sec][Host: up-m.talk.kakao.com] + 26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45.1/64.0][0.03 sec][Host: up-a.talk.kakao.com] + 27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45.1/64.0][0.13 sec][Host: up-c.talk.kakao.com] + 28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Goodput ratio: 45.1/62.5][0.03 sec][Host: plus-talk.kakao.com] + 29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Goodput ratio: 45.1/62.5][0.04 sec][Host: plus-talk.kakao.com] + 30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Goodput ratio: 43.0/62.2][0.05 sec][Host: api.facebook.com][PLAIN TEXT (facebook)] + 31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 41.6/60.9][0.08 sec][Host: auth.kakao.com] + 32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 41.6/60.9][0.03 sec][Host: item.kakao.com] + 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 24.7/0.0][41.33 sec] + 34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/97 bytes][Goodput ratio: 45.1/54.1][0.04 sec][Host: dn-l.talk.kakao.com] + 35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58.2/0.0][< 1 sec] + 36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 69.6/0.0][< 1 sec] + 37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32.1/0.0][< 1 sec] + 38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index 897b19d73..6efaf36b6 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out @@ -13,23 +13,23 @@ JA3 Host Stats: 1 10.24.82.188 2 - 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 56.7/47.6 202/340 48.7/48.1][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 140.5/125.9 234/236 43.2/33.1][PLAIN TEXT (46yOXQ)] - 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][bytes ratio: -0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/0 58.3/49.1 112/476 22.7/54.4][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 125.9/141.0 236/234 33.1/43.4][PLAIN TEXT (46yOXQ)] - 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 14/0 2358.4/3527.6 20472/21237 5097.7/5912.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 242.1/289.6 878/920 253.9/276.1][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][Server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Organization: Kakao][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][bytes ratio: -0.133 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 691.3/1317.3 6069/10226 1399.3/2632.2][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 190.4/260.4 814/920 164.3/240.9][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][Server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Organization: Kakao][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][bytes ratio: 0.457 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 140.8/117.3 494/295 163.1/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 195.5/78.0 735/189 228.1/34.6][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] - 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1062/3176 4202.8/4246.6 4716/5160 1130.8/719.3][Pkt Len c2s/s2c min/avg/max/stddev: 122/142 141.0/142.0 150/142 6.1/0.0] - 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1105/1052 4266.5/3766.4 4903/4991 1244.7/1143.7][Pkt Len c2s/s2c min/avg/max/stddev: 122/122 140.2/140.2 142/142 5.7/5.7] - 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com][bytes ratio: 0.294 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/51 406.0/438.7 2019/1166 732.2/514.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 139.6/87.1 665/262 198.8/71.4][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][ContentType: application/octet-stream][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] - 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 77/47 4920.2/8061.3 17431/17434 6679.4/7162.9][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 90.5/189.0 130/504 24.3/164.1] - 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes] - 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][PLAIN TEXT (xiaomi.com)] - 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes] - 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes] - 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com][PLAIN TEXT (facebook)] - 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes] - 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes] - 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes] - 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] - 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes] - 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes] + 1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][Goodput ratio: 68.7/65.0][45.42 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 56.7/47.6 202/340 48.7/48.1][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 140.5/125.9 234/236 43.2/33.1][PLAIN TEXT (46yOXQ)] + 2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][Goodput ratio: 65.0/68.8][45.02 sec][bytes ratio: -0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/0 58.3/49.1 112/476 22.7/54.4][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 125.9/141.0 236/234 33.1/43.4][PLAIN TEXT (46yOXQ)] + 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][Goodput ratio: 71.7/75.9][51.59 sec][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 14/0 2358.4/3527.6 20472/21237 5097.7/5912.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 242.1/289.6 878/920 253.9/276.1][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][Server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Organization: Kakao][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][Goodput ratio: 64.1/73.3][52.84 sec][bytes ratio: -0.133 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 691.3/1317.3 6069/10226 1399.3/2632.2][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 190.4/260.4 814/920 164.3/240.9][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][Server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Organization: Kakao][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][Goodput ratio: 70.6/27.4][1.96 sec][bytes ratio: 0.457 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 140.8/117.3 494/295 163.1/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 195.5/78.0 735/189 228.1/34.6][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA] + 6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][Goodput ratio: 68.8/69.0][45.10 sec][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1062/3176 4202.8/4246.6 4716/5160 1130.8/719.3][Pkt Len c2s/s2c min/avg/max/stddev: 122/142 141.0/142.0 150/142 6.1/0.0] + 7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][Goodput ratio: 68.6/68.6][43.84 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1105/1052 4266.5/3766.4 4903/4991 1244.7/1143.7][Pkt Len c2s/s2c min/avg/max/stddev: 122/122 140.2/140.2 142/142 5.7/5.7] + 8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Goodput ratio: 54.5/33.7][3.79 sec][Host: hkminorshort.weixin.qq.com][bytes ratio: 0.294 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/51 406.0/438.7 2019/1166 732.2/514.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 139.6/87.1 665/262 198.8/71.4][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][ContentType: application/octet-stream][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] + 9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][Goodput ratio: 24.8/64.0][24.77 sec][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 77/47 4920.2/8061.3 17431/17434 6679.4/7162.9][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 90.5/189.0 130/504 24.3/164.1] + 10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes][Goodput ratio: 83.8/27.1][51.90 sec] + 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][Goodput ratio: 39.4/20.3][0.46 sec][PLAIN TEXT (xiaomi.com)] + 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 2.8/0.0][11.12 sec] + 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes][Goodput ratio: 0.0/0.0][0.48 sec] + 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Goodput ratio: 43.8/62.2][0.20 sec][Host: mqtt.facebook.com][PLAIN TEXT (facebook)] + 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58.2/0.0][< 1 sec] + 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32.1/0.0][< 1 sec] + 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/NTPv2.pcap.out b/tests/result/NTPv2.pcap.out index a6038a738..3b7dec726 100644 --- a/tests/result/NTPv2.pcap.out +++ b/tests/result/NTPv2.pcap.out @@ -1,3 +1,3 @@ NTP 1 410 1 - 1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes] + 1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes][Goodput ratio: 89.5/0.0][< 1 sec] diff --git a/tests/result/NTPv3.pcap.out b/tests/result/NTPv3.pcap.out index c0ef68243..9f54a15e3 100644 --- a/tests/result/NTPv3.pcap.out +++ b/tests/result/NTPv3.pcap.out @@ -1,3 +1,3 @@ NTP 1 90 1 - 1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][< 1 sec] diff --git a/tests/result/NTPv4.pcap.out b/tests/result/NTPv4.pcap.out index 606c4787d..9054a17ad 100644 --- a/tests/result/NTPv4.pcap.out +++ b/tests/result/NTPv4.pcap.out @@ -1,3 +1,3 @@ NTP 1 90 1 - 1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] + 1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][< 1 sec] diff --git a/tests/result/Oscar.pcap.out b/tests/result/Oscar.pcap.out index 7b95fe092..9633ec146 100644 --- a/tests/result/Oscar.pcap.out +++ b/tests/result/Oscar.pcap.out @@ -1,3 +1,3 @@ Oscar 71 9386 1 - 1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 69/Oscar][cat: Chat/9][38 pkts/3580 bytes <-> 33 pkts/5806 bytes][bytes ratio: -0.237 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2392.3/2606.7 58175/58215 10382.4/11141.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94.2/175.9 369/1414 74.7/256.6][PLAIN TEXT (Adium/1.5.10)] + 1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 69/Oscar][cat: Chat/9][38 pkts/3580 bytes <-> 33 pkts/5806 bytes][Goodput ratio: 42.0/68.0][72.45 sec][bytes ratio: -0.237 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2392.3/2606.7 58175/58215 10382.4/11141.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94.2/175.9 369/1414 74.7/256.6][PLAIN TEXT (Adium/1.5.10)] diff --git a/tests/result/ajp.pcap.out b/tests/result/ajp.pcap.out index 17547beab..cf9a9d5ca 100644 --- a/tests/result/ajp.pcap.out +++ b/tests/result/ajp.pcap.out @@ -1,10 +1,10 @@ Unknown 6 2200 2 AJP 26 4446 2 - 1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222.0/111.5 896/300 285.7/84.4][PLAIN TEXT (HTTP/1.1)] - 2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222.0/111.5 896/300 285.7/84.4][PLAIN TEXT (HTTP/1.1)] + 1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 67.9/36.0][0.17 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222.0/111.5 896/300 285.7/84.4][PLAIN TEXT (HTTP/1.1)] + 2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 67.9/36.0][< 1 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222.0/111.5 896/300 285.7/84.4][PLAIN TEXT (HTTP/1.1)] Undetected flows: - 1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1)] - 2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] + 1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][0.17 sec][PLAIN TEXT (HTTP/1.1)] + 2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][0.17 sec] diff --git a/tests/result/amqp.pcap.out b/tests/result/amqp.pcap.out index 213795e37..34c9b0e29 100644 --- a/tests/result/amqp.pcap.out +++ b/tests/result/amqp.pcap.out @@ -1,5 +1,5 @@ AMQP 160 23514 3 - 1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes][bytes ratio: 0.506 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 85.3/85.3 2001/2001 341.2/341.2][Pkt Len c2s/s2c min/avg/max/stddev: 103/66 201.1/66.0 395/66 102.7/0.0][PLAIN TEXT (celeryev)] - 2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes][bytes ratio: 0.722 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/3 406.8/588.2 2001/2001 623.0/728.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 332.8/77.7 514/87 211.1/10.4][PLAIN TEXT (celeryev)] - 3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 86.7/86.7 540/540 182.1/182.1][Pkt Len c2s/s2c min/avg/max/stddev: 97/66 205.0/66.0 312/66 87.8/0.0][PLAIN TEXT (default)] + 1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes][Goodput ratio: 67.2/0.0][4.12 sec][bytes ratio: 0.506 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 85.3/85.3 2001/2001 341.2/341.2][Pkt Len c2s/s2c min/avg/max/stddev: 103/66 201.1/66.0 395/66 102.7/0.0][PLAIN TEXT (celeryev)] + 2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes][Goodput ratio: 80.2/15.0][4.12 sec][bytes ratio: 0.722 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/3 406.8/588.2 2001/2001 623.0/728.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 332.8/77.7 514/87 211.1/10.4][PLAIN TEXT (celeryev)] + 3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes][Goodput ratio: 67.8/0.0][1.04 sec][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 86.7/86.7 540/540 182.1/182.1][Pkt Len c2s/s2c min/avg/max/stddev: 97/66 205.0/66.0 312/66 87.8/0.0][PLAIN TEXT (default)] diff --git a/tests/result/anyconnect-vpn.pcap.out b/tests/result/anyconnect-vpn.pcap.out index 9a97186a2..d521cbec5 100644 --- a/tests/result/anyconnect-vpn.pcap.out +++ b/tests/result/anyconnect-vpn.pcap.out @@ -21,75 +21,75 @@ JA3 Host Stats: 1 10.0.0.227 4 - 1 TCP 10.0.0.227:56929 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][48 pkts/9073 bytes <-> 44 pkts/18703 bytes][bytes ratio: -0.347 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.8/10.8 97/138 21.4/26.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 189.0/425.1 1514/1514 245.6/579.0][TLSv1.2][JA3C: c9f0b47c9805f516e6d3900cb51f7841][Server: *.pandion.viasat.com][JA3S: 01cbbd332fc4ce7d5925ebd825882842 (WEAK)][Organization: Viasat Inc.][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 10.0.0.227:56919 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][28 pkts/9088 bytes <-> 26 pkts/16944 bytes][bytes ratio: -0.302 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1047.6/486.8 11570/9008 2986.7/2008.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 324.6/651.7 1514/1514 493.8/646.0][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][Server: *.pandion.viasat.com][JA3S: 01cbbd332fc4ce7d5925ebd825882842 (WEAK)][Organization: Viasat Inc.][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 3 TCP 10.0.0.227:56921 <-> 8.37.96.194:4287 [proto: 91/TLS][cat: Web/5][29 pkts/5373 bytes <-> 28 pkts/7580 bytes][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 90.8/63.5 593/619 144.9/135.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 185.3/270.7 1261/1434 259.0/387.4][TLSv1.2][JA3C: e3adec914f3893f18136762f1c0d7d81][JA3S: e54965894d6b45ecb4323c7ea3d6c115][Certificate SHA-1: 86:2A:47:EF:00:68:79:60:7F:94:E2:91:6F:E0:38:82:37:8A:8E:2E][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] - 4 TCP 10.0.0.227:56918 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][16 pkts/2739 bytes <-> 14 pkts/7315 bytes][bytes ratio: -0.455 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.8/26.1 48/88 21.3/28.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171.2/522.5 1175/1514 273.9/624.5][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][Server: *.pandion.viasat.com][JA3S: 01cbbd332fc4ce7d5925ebd825882842 (WEAK)][Organization: Viasat Inc.][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 5 TCP 10.0.0.227:56920 <-> 99.86.34.156:443 [proto: 91.118/TLS.Slack][cat: Collaborative/15][16 pkts/2949 bytes <-> 11 pkts/1876 bytes][bytes ratio: 0.222 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 866.5/28.1 11074/80 2946.8/34.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 184.3/170.5 853/487 228.0/155.1][TLSv1.2][Client: slack.com][JA3C: d8dc5f8940df366b3a58b935569143e8][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 10.0.0.227:56884 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][12 pkts/2303 bytes <-> 7 pkts/2382 bytes][Host: detectportal.firefox.com][bytes ratio: -0.017 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/31 1824.1/3641.6 10081/10083 3592.5/4384.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 191.9/340.3 373/450 153.1/173.5][URL: detectportal.firefox.com/success.txt?ipv4][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt)] - 7 TCP 10.0.0.227:56320 <-> 10.0.0.149:8009 [proto: 161/CiscoVPN][cat: VPN/2][20 pkts/2420 bytes <-> 10 pkts/1760 bytes][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/5003 2648.5/5003.6 5001/5006 2494.5/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/176 121.0/176.0 176/176 55.0/0.0] - 8 ICMPV6 [fe80::2e7e:81ff:feb0:4aa1]:0 -> [ff02::1]:0 [proto: 102/ICMPV6][cat: Network/14][16 pkts/2784 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2867/0 3027.8/0.0 3072/0 84.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 174/0 174.0/0.0 174/0 0.0/0.0] - 9 TCP 10.0.0.227:56955 <-> 10.0.0.151:8060 [proto: 7/HTTP][cat: Web/5][6 pkts/650 bytes <-> 5 pkts/1668 bytes][Host: 10.0.0.151][bytes ratio: -0.439 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 4.0/3.7 9/6 3.2/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108.3/333.6 308/1206 89.4/442.2][URL: 10.0.0.151:8060/dial/dd.xml][StatusCode: 200][ContentType: text/xml][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][PLAIN TEXT (GET /dial/dd.xml HTTP/1.1)] - 10 TCP 10.0.0.227:56917 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][6 pkts/976 bytes <-> 4 pkts/1032 bytes][Host: detectportal.firefox.com][bytes ratio: -0.028 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 28/573 3694.2/6150.7 10081/10078 4344.1/4052.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 162.7/258.0 368/450 145.3/192.0][URL: detectportal.firefox.com/success.txt][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt HTTP/1.1)] - 11 TCP 10.0.0.227:56954 <-> 10.0.0.149:8008 [proto: 7/HTTP][cat: Web/5][4 pkts/527 bytes <-> 3 pkts/1401 bytes][Host: 10.0.0.149][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 2.3/3.0 6/3 2.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131.8/467.0 317/1261 107.1/561.5][URL: 10.0.0.149:8008/ssdp/device-desc.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][PLAIN TEXT (HGET /ssdp/device)] - 12 UDP [fe80::408:3e45:3abc:1552]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1628 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174.0/0.0 11263/0 3646.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 152/0 180.9/0.0 206/0 23.9/0.0][PLAIN TEXT (companion)] - 13 UDP 10.0.0.227:137 -> 10.0.0.255:137 [proto: 10/NetBIOS][cat: System/18][15 pkts/1542 bytes -> 0 pkts/0 bytes][Host: lp-rkerur-osx][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 464.8/0.0 1499/0 677.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 102.8/0.0 110/0 8.8/0.0][PLAIN TEXT ( EMFACNFCELEFFC)] - 14 TCP 10.0.0.227:56914 <-> 52.37.243.173:443 [proto: 91.178/TLS.Amazon][cat: Web/5][8 pkts/847 bytes <-> 7 pkts/651 bytes][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/1 3340.0/2604.6 9634/9670 4129.5/3611.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.9/93.0 131/129 30.9/31.2] - 15 TCP 10.0.0.227:56915 <-> 52.37.243.173:443 [proto: 91.178/TLS.Amazon][cat: Web/5][8 pkts/847 bytes <-> 7 pkts/651 bytes][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 3339.8/3010.6 10636/10673 4210.1/3966.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.9/93.0 131/129 30.9/31.2] - 16 UDP 10.0.0.213:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1448 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3173.9/0.0 11263/0 3646.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 132/0 160.9/0.0 186/0 23.9/0.0][PLAIN TEXT (companion)] - 17 UDP 10.0.0.151:1900 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][4 pkts/1412 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 18 TCP 10.0.0.227:56881 <-> 162.222.43.153:443 [proto: 91/TLS][cat: Web/5][6 pkts/762 bytes <-> 6 pkts/396 bytes][bytes ratio: 0.316 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 0.0/0.8 0/2 0.0/0.8][Pkt Len c2s/s2c min/avg/max/stddev: 82/66 127.0/66.0 292/66 75.4/0.0] - 19 UDP 10.0.0.227:57547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 20 UDP 10.0.0.149:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/655 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlezone)] - 21 UDP 10.0.0.149:38616 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 22 UDP 10.0.0.149:48166 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 23 UDP 10.0.0.149:49816 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 24 UDP 10.0.0.149:50081 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 25 UDP 10.0.0.149:51382 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 26 UDP 10.0.0.227:5353 -> 10.0.0.213:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/548 bytes -> 0 pkts/0 bytes][_companion-link._tcp.local][PLAIN TEXT (companion)] - 27 TCP 10.0.0.227:56879 <-> 52.10.115.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/342 bytes <-> 2 pkts/202 bytes][bytes ratio: 0.257 (Upload)][IAT c2s/s2c min/avg/max/stddev: 33/574 203.0/574.0 541/574 239.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/101 85.5/101.0 105/101 19.5/0.0] - 28 UDP 10.0.0.227:59582 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/92 bytes <-> 1 pkts/323 bytes][Host: 1-courier.sandbox.push.apple.com][PLAIN TEXT (courier)] - 29 TCP 10.0.0.227:56871 <-> 8.37.103.196:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 5 pkts/330 bytes][bytes ratio: -0.667 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/66.0 66/66 0.0/0.0] - 30 TCP 10.0.0.227:56916 -> 10.0.0.151:8009 [proto: 139/AJP][cat: Web/5][5 pkts/390 bytes -> 0 pkts/0 bytes] - 31 TCP 10.0.0.227:56886 <-> 17.57.144.116:5223 [proto: 238/ApplePush][cat: Cloud/13][3 pkts/174 bytes <-> 2 pkts/185 bytes] - 32 UDP 10.0.0.151:1900 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/353 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 33 TCP 10.0.0.227:56910 <-> 35.201.124.9:443 [proto: 91/TLS][cat: Web/5][2 pkts/170 bytes <-> 2 pkts/164 bytes] - 34 UDP 10.0.0.227:62427 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/84 bytes <-> 1 pkts/242 bytes][Host: detectportal.firefox.com][PLAIN TEXT (detectportal)] - 35 UDP 10.0.0.227:58074 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/230 bytes][Host: www.outlook.com][PLAIN TEXT (outlook)] - 36 UDP 10.0.0.227:60341 <-> 75.75.75.75:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/224 bytes][Host: www.apple.com][PLAIN TEXT (edgekey)] - 37 UDP 10.0.0.227:64193 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/85 bytes <-> 1 pkts/192 bytes][Host: 24-courier.push.apple.com][PLAIN TEXT (courier)] - 38 UDP 10.0.0.227:51060 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/84 bytes <-> 1 pkts/190 bytes][Host: 1-courier.push.apple.com][PLAIN TEXT (courier)] - 39 UDP 10.0.0.227:52879 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Host: vcacrashplan01.hq.corp.viasat.com][PLAIN TEXT (cacrashplan)] - 40 UDP 10.0.0.227:57261 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Host: vcacrashplan01.hq.corp.viasat.com][PLAIN TEXT (cacrashplan)] - 41 UDP 10.0.0.227:61387 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Host: vco.pandion.viasat.com][PLAIN TEXT (pandion)] - 42 UDP 10.0.0.227:62322 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Host: vco.pandion.viasat.com][PLAIN TEXT (pandion)] - 43 UDP 10.0.0.227:57017 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Host: lp-rkerur-osx.hsd1.ca.comcast.net][PLAIN TEXT (RKERUR)] - 44 UDP 10.0.0.227:59222 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Host: lp-rkerur-osx.hsd1.ca.comcast.net][PLAIN TEXT (RKERUR)] - 45 UDP 10.0.0.227:54851 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/157 bytes][Host: print.viasat.com][PLAIN TEXT (viasat)] - 46 UDP 10.0.0.227:61328 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 47 UDP 10.0.0.227:63107 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Host: local][PLAIN TEXT (servers)] - 48 UDP 10.0.0.227:64972 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/101 bytes][Host: lb._dns-sd._udp.0.128.28.172.in-addr.arpa] - 49 TCP 10.0.0.227:56865 <-> 10.0.0.149:8008 [proto: 161/CiscoVPN][cat: VPN/2][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 50 TCP 10.0.0.227:56885 <-> 184.25.56.53:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 51 UDP 10.0.0.227:61613 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/97 bytes <-> 1 pkts/97 bytes][Host: lb._dns-sd._udp.0.0.0.10.in-addr.arpa] - 52 UDP 10.0.0.227:49781 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/117 bytes][Host: apple.com] - 53 UDP 10.0.0.227:52879 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: vco.pandion.viasat.com][PLAIN TEXT (pandion)] - 54 0 [fe80::408:3e45:3abc:1552]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes] - 55 UDP 10.0.0.227:51990 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/91 bytes][Host: mail.viasat.com][PLAIN TEXT (viasat)] - 56 UDP 10.0.0.227:57253 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/71 bytes <-> 1 pkts/87 bytes][Host: mozilla.org][PLAIN TEXT (mozilla)] - 57 UDP 10.0.0.227:58155 <-> 75.75.76.76:53 [proto: 5.118/DNS.Slack][cat: Collaborative/15][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: slack.com] - 58 TCP 10.0.0.227:56874 <-> 74.125.197.188:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 59 IGMP 10.0.0.213:0 -> 224.0.0.2:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 60 IGMP 10.0.0.213:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 61 ICMP 10.0.0.227:0 -> 75.75.76.76:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes] - 62 ICMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes] - 63 IGMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes] - 64 IGMP 10.0.0.149:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] - 65 IGMP 10.0.0.149:0 -> 239.255.3.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] - 66 IGMP 10.0.0.149:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 1 TCP 10.0.0.227:56929 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][48 pkts/9073 bytes <-> 44 pkts/18703 bytes][Goodput ratio: 64.9/84.4][21.89 sec][bytes ratio: -0.347 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.8/10.8 97/138 21.4/26.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 189.0/425.1 1514/1514 245.6/579.0][TLSv1.2][JA3C: c9f0b47c9805f516e6d3900cb51f7841][Server: *.pandion.viasat.com][JA3S: 01cbbd332fc4ce7d5925ebd825882842 (WEAK)][Organization: Viasat Inc.][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 10.0.0.227:56919 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][28 pkts/9088 bytes <-> 26 pkts/16944 bytes][Goodput ratio: 79.5/89.8][23.14 sec][bytes ratio: -0.302 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1047.6/486.8 11570/9008 2986.7/2008.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 324.6/651.7 1514/1514 493.8/646.0][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][Server: *.pandion.viasat.com][JA3S: 01cbbd332fc4ce7d5925ebd825882842 (WEAK)][Organization: Viasat Inc.][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 3 TCP 10.0.0.227:56921 <-> 8.37.96.194:4287 [proto: 91/TLS][cat: Web/5][29 pkts/5373 bytes <-> 28 pkts/7580 bytes][Goodput ratio: 64.1/75.5][2.30 sec][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 90.8/63.5 593/619 144.9/135.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 185.3/270.7 1261/1434 259.0/387.4][TLSv1.2][JA3C: e3adec914f3893f18136762f1c0d7d81][JA3S: e54965894d6b45ecb4323c7ea3d6c115][Certificate SHA-1: 86:2A:47:EF:00:68:79:60:7F:94:E2:91:6F:E0:38:82:37:8A:8E:2E][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] + 4 TCP 10.0.0.227:56918 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][16 pkts/2739 bytes <-> 14 pkts/7315 bytes][Goodput ratio: 61.0/87.3][0.35 sec][bytes ratio: -0.455 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.8/26.1 48/88 21.3/28.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171.2/522.5 1175/1514 273.9/624.5][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][Server: *.pandion.viasat.com][JA3S: 01cbbd332fc4ce7d5925ebd825882842 (WEAK)][Organization: Viasat Inc.][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 5 TCP 10.0.0.227:56920 <-> 99.86.34.156:443 [proto: 91.118/TLS.Slack][cat: Collaborative/15][16 pkts/2949 bytes <-> 11 pkts/1876 bytes][Goodput ratio: 63.8/60.8][11.47 sec][bytes ratio: 0.222 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 866.5/28.1 11074/80 2946.8/34.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 184.3/170.5 853/487 228.0/155.1][TLSv1.2][Client: slack.com][JA3C: d8dc5f8940df366b3a58b935569143e8][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 10.0.0.227:56884 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][12 pkts/2303 bytes <-> 7 pkts/2382 bytes][Goodput ratio: 66.6/80.6][18.51 sec][Host: detectportal.firefox.com][bytes ratio: -0.017 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/31 1824.1/3641.6 10081/10083 3592.5/4384.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 191.9/340.3 373/450 153.1/173.5][URL: detectportal.firefox.com/success.txt?ipv4][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt)] + 7 TCP 10.0.0.227:56320 <-> 10.0.0.149:8009 [proto: 161/CiscoVPN][cat: VPN/2][20 pkts/2420 bytes <-> 10 pkts/1760 bytes][Goodput ratio: 45.4/62.5][45.04 sec][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/5003 2648.5/5003.6 5001/5006 2494.5/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/176 121.0/176.0 176/176 55.0/0.0] + 8 ICMPV6 [fe80::2e7e:81ff:feb0:4aa1]:0 -> [ff02::1]:0 [proto: 102/ICMPV6][cat: Network/14][16 pkts/2784 bytes -> 0 pkts/0 bytes][Goodput ratio: 64.3/0.0][45.47 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2867/0 3027.8/0.0 3072/0 84.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 174/0 174.0/0.0 174/0 0.0/0.0] + 9 TCP 10.0.0.227:56955 <-> 10.0.0.151:8060 [proto: 7/HTTP][cat: Web/5][6 pkts/650 bytes <-> 5 pkts/1668 bytes][Goodput ratio: 37.2/79.7][4.02 sec][Host: 10.0.0.151][bytes ratio: -0.439 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 4.0/3.7 9/6 3.2/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108.3/333.6 308/1206 89.4/442.2][URL: 10.0.0.151:8060/dial/dd.xml][StatusCode: 200][ContentType: text/xml][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][PLAIN TEXT (GET /dial/dd.xml HTTP/1.1)] + 10 TCP 10.0.0.227:56917 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][6 pkts/976 bytes <-> 4 pkts/1032 bytes][Goodput ratio: 61.8/74.3][18.47 sec][Host: detectportal.firefox.com][bytes ratio: -0.028 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 28/573 3694.2/6150.7 10081/10078 4344.1/4052.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 162.7/258.0 368/450 145.3/192.0][URL: detectportal.firefox.com/success.txt][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt HTTP/1.1)] + 11 TCP 10.0.0.227:56954 <-> 10.0.0.149:8008 [proto: 7/HTTP][cat: Web/5][4 pkts/527 bytes <-> 3 pkts/1401 bytes][Goodput ratio: 47.5/85.2][0.01 sec][Host: 10.0.0.149][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 2.3/3.0 6/3 2.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131.8/467.0 317/1261 107.1/561.5][URL: 10.0.0.149:8008/ssdp/device-desc.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][PLAIN TEXT (HGET /ssdp/device)] + 12 UDP [fe80::408:3e45:3abc:1552]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1628 bytes -> 0 pkts/0 bytes][Goodput ratio: 65.7/0.0][25.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174.0/0.0 11263/0 3646.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 152/0 180.9/0.0 206/0 23.9/0.0][PLAIN TEXT (companion)] + 13 UDP 10.0.0.227:137 -> 10.0.0.255:137 [proto: 10/NetBIOS][cat: System/18][15 pkts/1542 bytes -> 0 pkts/0 bytes][Goodput ratio: 59.1/0.0][6.05 sec][Host: lp-rkerur-osx][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 464.8/0.0 1499/0 677.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 102.8/0.0 110/0 8.8/0.0][PLAIN TEXT ( EMFACNFCELEFFC)] + 14 TCP 10.0.0.227:56914 <-> 52.37.243.173:443 [proto: 91.178/TLS.Amazon][cat: Web/5][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 37.6/29.0][21.75 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/1 3340.0/2604.6 9634/9670 4129.5/3611.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.9/93.0 131/129 30.9/31.2] + 15 TCP 10.0.0.227:56915 <-> 52.37.243.173:443 [proto: 91.178/TLS.Amazon][cat: Web/5][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 37.6/29.0][22.76 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 3339.8/3010.6 10636/10673 4210.1/3966.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.9/93.0 131/129 30.9/31.2] + 16 UDP 10.0.0.213:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 73.8/0.0][25.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3173.9/0.0 11263/0 3646.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 132/0 160.9/0.0 186/0 23.9/0.0][PLAIN TEXT (companion)] + 17 UDP 10.0.0.151:1900 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][4 pkts/1412 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.0/0.0][2.86 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 18 TCP 10.0.0.227:56881 <-> 162.222.43.153:443 [proto: 91/TLS][cat: Web/5][6 pkts/762 bytes <-> 6 pkts/396 bytes][Goodput ratio: 48.0/0.0][0.05 sec][bytes ratio: 0.316 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 0.0/0.8 0/2 0.0/0.8][Pkt Len c2s/s2c min/avg/max/stddev: 82/66 127.0/66.0 292/66 75.4/0.0] + 19 UDP 10.0.0.227:57547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.5/0.0][3.00 sec][PLAIN TEXT (SEARCH )] + 20 UDP 10.0.0.149:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/655 bytes -> 0 pkts/0 bytes][Goodput ratio: 74.2/0.0][0.00 sec][PLAIN TEXT (googlezone)] + 21 UDP 10.0.0.149:38616 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 22 UDP 10.0.0.149:48166 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 23 UDP 10.0.0.149:49816 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 24 UDP 10.0.0.149:50081 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 25 UDP 10.0.0.149:51382 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 26 UDP 10.0.0.227:5353 -> 10.0.0.213:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/548 bytes -> 0 pkts/0 bytes][Goodput ratio: 84.5/0.0][12.10 sec][_companion-link._tcp.local][PLAIN TEXT (companion)] + 27 TCP 10.0.0.227:56879 <-> 52.10.115.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/342 bytes <-> 2 pkts/202 bytes][Goodput ratio: 22.7/34.5][0.61 sec][bytes ratio: 0.257 (Upload)][IAT c2s/s2c min/avg/max/stddev: 33/574 203.0/574.0 541/574 239.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/101 85.5/101.0 105/101 19.5/0.0] + 28 UDP 10.0.0.227:59582 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/92 bytes <-> 1 pkts/323 bytes][Goodput ratio: 53.8/86.7][0.02 sec][Host: 1-courier.sandbox.push.apple.com][PLAIN TEXT (courier)] + 29 TCP 10.0.0.227:56871 <-> 8.37.103.196:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 5 pkts/330 bytes][Goodput ratio: 0.0/0.0][20.32 sec][bytes ratio: -0.667 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/66.0 66/66 0.0/0.0] + 30 TCP 10.0.0.227:56916 -> 10.0.0.151:8009 [proto: 139/AJP][cat: Web/5][5 pkts/390 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][5.03 sec] + 31 TCP 10.0.0.227:56886 <-> 17.57.144.116:5223 [proto: 238/ApplePush][cat: Cloud/13][3 pkts/174 bytes <-> 2 pkts/185 bytes][Goodput ratio: 0.0/28.5][0.02 sec] + 32 UDP 10.0.0.151:1900 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/353 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.9/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 33 TCP 10.0.0.227:56910 <-> 35.201.124.9:443 [proto: 91/TLS][cat: Web/5][2 pkts/170 bytes <-> 2 pkts/164 bytes][Goodput ratio: 22.2/19.4][0.05 sec] + 34 UDP 10.0.0.227:62427 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/84 bytes <-> 1 pkts/242 bytes][Goodput ratio: 49.4/82.3][0.02 sec][Host: detectportal.firefox.com][PLAIN TEXT (detectportal)] + 35 UDP 10.0.0.227:58074 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/230 bytes][Goodput ratio: 43.4/81.4][0.01 sec][Host: www.outlook.com][PLAIN TEXT (outlook)] + 36 UDP 10.0.0.227:60341 <-> 75.75.75.75:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/224 bytes][Goodput ratio: 41.9/80.9][0.01 sec][Host: www.apple.com][PLAIN TEXT (edgekey)] + 37 UDP 10.0.0.227:64193 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/85 bytes <-> 1 pkts/192 bytes][Goodput ratio: 50.0/77.7][0.02 sec][Host: 24-courier.push.apple.com][PLAIN TEXT (courier)] + 38 UDP 10.0.0.227:51060 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/84 bytes <-> 1 pkts/190 bytes][Goodput ratio: 49.4/77.5][0.02 sec][Host: 1-courier.push.apple.com][PLAIN TEXT (courier)] + 39 UDP 10.0.0.227:52879 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Goodput ratio: 54.3/75.4][0.02 sec][Host: vcacrashplan01.hq.corp.viasat.com][PLAIN TEXT (cacrashplan)] + 40 UDP 10.0.0.227:57261 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Goodput ratio: 54.3/75.4][0.02 sec][Host: vcacrashplan01.hq.corp.viasat.com][PLAIN TEXT (cacrashplan)] + 41 UDP 10.0.0.227:61387 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Goodput ratio: 48.2/73.8][0.03 sec][Host: vco.pandion.viasat.com][PLAIN TEXT (pandion)] + 42 UDP 10.0.0.227:62322 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Goodput ratio: 48.2/73.8][0.05 sec][Host: vco.pandion.viasat.com][PLAIN TEXT (pandion)] + 43 UDP 10.0.0.227:57017 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54.3/70.5][0.02 sec][Host: lp-rkerur-osx.hsd1.ca.comcast.net][PLAIN TEXT (RKERUR)] + 44 UDP 10.0.0.227:59222 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54.3/70.5][0.02 sec][Host: lp-rkerur-osx.hsd1.ca.comcast.net][PLAIN TEXT (RKERUR)] + 45 UDP 10.0.0.227:54851 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/157 bytes][Goodput ratio: 44.2/72.8][0.05 sec][Host: print.viasat.com][PLAIN TEXT (viasat)] + 46 UDP 10.0.0.227:61328 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.2/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 47 UDP 10.0.0.227:63107 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Goodput ratio: 34.8/69.5][0.03 sec][Host: local][PLAIN TEXT (servers)] + 48 UDP 10.0.0.227:64972 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/101 bytes][Goodput ratio: 57.8/57.8][0.02 sec][Host: lb._dns-sd._udp.0.128.28.172.in-addr.arpa] + 49 TCP 10.0.0.227:56865 <-> 10.0.0.149:8008 [proto: 161/CiscoVPN][cat: VPN/2][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 50 TCP 10.0.0.227:56885 <-> 184.25.56.53:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.02 sec] + 51 UDP 10.0.0.227:61613 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/97 bytes <-> 1 pkts/97 bytes][Goodput ratio: 56.1/56.1][0.02 sec][Host: lb._dns-sd._udp.0.0.0.10.in-addr.arpa] + 52 UDP 10.0.0.227:49781 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/117 bytes][Goodput ratio: 38.6/63.6][0.02 sec][Host: apple.com] + 53 UDP 10.0.0.227:52879 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48.2/56.6][0.04 sec][Host: vco.pandion.viasat.com][PLAIN TEXT (pandion)] + 54 0 [fe80::408:3e45:3abc:1552]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][1.02 sec] + 55 UDP 10.0.0.227:51990 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/91 bytes][Goodput ratio: 43.4/53.3][0.04 sec][Host: mail.viasat.com][PLAIN TEXT (viasat)] + 56 UDP 10.0.0.227:57253 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/71 bytes <-> 1 pkts/87 bytes][Goodput ratio: 40.3/51.1][0.02 sec][Host: mozilla.org][PLAIN TEXT (mozilla)] + 57 UDP 10.0.0.227:58155 <-> 75.75.76.76:53 [proto: 5.118/DNS.Slack][cat: Collaborative/15][1 pkts/69 bytes <-> 1 pkts/85 bytes][Goodput ratio: 38.6/50.0][0.03 sec][Host: slack.com] + 58 TCP 10.0.0.227:56874 <-> 74.125.197.188:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.04 sec] + 59 IGMP 10.0.0.213:0 -> 224.0.0.2:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][13.31 sec] + 60 IGMP 10.0.0.213:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][13.31 sec] + 61 ICMP 10.0.0.227:0 -> 75.75.76.76:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 62 ICMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 14.0/0.0][< 1 sec] + 63 IGMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 64 IGMP 10.0.0.149:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 65 IGMP 10.0.0.149:0 -> 239.255.3.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 66 IGMP 10.0.0.149:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] Undetected flows: - 1 UDP 10.0.0.227:54107 <-> 8.37.102.91:443 [proto: 0/Unknown][1413 pkts/395331 bytes <-> 1028 pkts/497166 bytes][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11.1/13.0 669/953 35.2/48.1][Pkt Len c2s/s2c min/avg/max/stddev: 135/90 279.8/483.6 1511/1511 283.3/514.4][PLAIN TEXT (m@GOC.)] - 2 TCP 10.0.0.227:56866 -> 10.0.0.151:8060 [proto: 0/Unknown][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 311/0 2655.1/0.0 6845/0 2564.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 3 UDP 10.0.0.227:52595 -> 10.0.0.1:192 [proto: 0/Unknown][10 pkts/460 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 503/0 1948.3/0.0 5506/0 2007.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 46/0 46.0/0.0 46/0 0.0/0.0] + 1 UDP 10.0.0.227:54107 <-> 8.37.102.91:443 [proto: 0/Unknown][1413 pkts/395331 bytes <-> 1028 pkts/497166 bytes][Goodput ratio: 85.0/91.3][20.52 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11.1/13.0 669/953 35.2/48.1][Pkt Len c2s/s2c min/avg/max/stddev: 135/90 279.8/483.6 1511/1511 283.3/514.4][PLAIN TEXT (m@GOC.)] + 2 TCP 10.0.0.227:56866 -> 10.0.0.151:8060 [proto: 0/Unknown][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][21.24 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 311/0 2655.1/0.0 6845/0 2564.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 3 UDP 10.0.0.227:52595 -> 10.0.0.1:192 [proto: 0/Unknown][10 pkts/460 bytes -> 0 pkts/0 bytes][Goodput ratio: 8.7/0.0][17.54 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 503/0 1948.3/0.0 5506/0 2007.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 46/0 46.0/0.0 46/0 0.0/0.0] diff --git a/tests/result/bitcoin.pcap.out b/tests/result/bitcoin.pcap.out index 4b8812b5c..f48febe20 100644 --- a/tests/result/bitcoin.pcap.out +++ b/tests/result/bitcoin.pcap.out @@ -1,8 +1,8 @@ Mining 637 581074 6 - 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][bytes ratio: -0.997 (Download)][IAT c2s/s2c min/avg/max/stddev: 141657/0 141657.0/2643.5 141657/76010 0.0/11325.4][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 140.5/1394.4 171/1514 30.5/378.4][PLAIN TEXT (version)] - 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21788.9/4882.0 100110/64236 26995.1/11546.1][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 521.1/1152.4 1514/1514 577.7/588.7][PLAIN TEXT (version)] - 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][bytes ratio: -0.217 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18993.2/12001.0 134322/105866 27574.8/21527.1][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 696.5/732.7 1514/1514 636.6/652.9][PLAIN TEXT (version)] - 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22660.7/13161.5 91604/95856 25519.8/24264.1][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 570.7/776.8 1514/1514 606.4/673.2][PLAIN TEXT (version)] - 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][bytes ratio: 0.849 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/136 90.5/212.5 655/289 168.7/76.5][Pkt Len c2s/s2c min/avg/max/stddev: 171/86 1354.6/590.3 1514/1514 368.8/654.1][PLAIN TEXT (version)] - 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 238/256 21943.9/256.0 75340/256 19965.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 121/86 128.4/461.3 171/1127 12.3/472.0][PLAIN TEXT (version)] + 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][Goodput ratio: 52.8/95.3][330.56 sec][bytes ratio: -0.997 (Download)][IAT c2s/s2c min/avg/max/stddev: 141657/0 141657.0/2643.5 141657/76010 0.0/11325.4][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 140.5/1394.4 171/1514 30.5/378.4][PLAIN TEXT (version)] + 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][Goodput ratio: 87.3/94.3][1491.26 sec][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21788.9/4882.0 100110/64236 26995.1/11546.1][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 521.1/1152.4 1514/1514 577.7/588.7][PLAIN TEXT (version)] + 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][Goodput ratio: 90.5/91.0][1337.01 sec][bytes ratio: -0.217 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18993.2/12001.0 134322/105866 27574.8/21527.1][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 696.5/732.7 1514/1514 636.6/652.9][PLAIN TEXT (version)] + 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][Goodput ratio: 88.4/91.5][1107.93 sec][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22660.7/13161.5 91604/95856 25519.8/24264.1][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 570.7/776.8 1514/1514 606.4/673.2][PLAIN TEXT (version)] + 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][Goodput ratio: 95.1/88.8][1.27 sec][bytes ratio: 0.849 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/136 90.5/212.5 655/289 168.7/76.5][Pkt Len c2s/s2c min/avg/max/stddev: 171/86 1354.6/590.3 1514/1514 368.8/654.1][PLAIN TEXT (version)] + 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][Goodput ratio: 48.6/85.6][506.07 sec][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 238/256 21943.9/256.0 75340/256 19965.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 121/86 128.4/461.3 171/1127 12.3/472.0][PLAIN TEXT (version)] diff --git a/tests/result/bittorrent.pcap.out b/tests/result/bittorrent.pcap.out index 750a8e869..a8e269edd 100644 --- a/tests/result/bittorrent.pcap.out +++ b/tests/result/bittorrent.pcap.out @@ -1,26 +1,26 @@ BitTorrent 299 305728 24 - 1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][bytes ratio: -0.981 (Download)][IAT c2s/s2c min/avg/max/stddev: 12/0 319.4/29.6 779/919 241.2/94.6][Pkt Len c2s/s2c min/avg/max/stddev: 83/80 161.5/1463.2 242/1506 58.0/217.8][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][bytes ratio: -0.252 (Download)][IAT c2s/s2c min/avg/max/stddev: 132/72 958.7/2027.0 1966/3982 759.5/1955.0][Pkt Len c2s/s2c min/avg/max/stddev: 80/73 145.8/243.8 198/648 44.2/234.9][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][bytes ratio: -0.174 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 489/661 1178.3/883.0 1943/1105 596.0/222.0][Pkt Len c2s/s2c min/avg/max/stddev: 75/113 160.0/303.3 241/650 62.0/245.5][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][bytes ratio: -0.350 (Download)][IAT c2s/s2c min/avg/max/stddev: 320/159 407.0/297.5 494/436 87.0/138.5][Pkt Len c2s/s2c min/avg/max/stddev: 80/80 136.7/283.7 196/601 47.4/227.4][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] - 24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][Goodput ratio: 58.7/95.5][5.77 sec][bytes ratio: -0.981 (Download)][IAT c2s/s2c min/avg/max/stddev: 12/0 319.4/29.6 779/919 241.2/94.6][Pkt Len c2s/s2c min/avg/max/stddev: 83/80 161.5/1463.2 242/1506 58.0/217.8][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][Goodput ratio: 54.6/72.8][4.11 sec][bytes ratio: -0.252 (Download)][IAT c2s/s2c min/avg/max/stddev: 132/72 958.7/2027.0 1966/3982 759.5/1955.0][Pkt Len c2s/s2c min/avg/max/stddev: 80/73 145.8/243.8 198/648 44.2/234.9][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][Goodput ratio: 58.7/78.2][3.54 sec][bytes ratio: -0.174 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 489/661 1178.3/883.0 1943/1105 596.0/222.0][Pkt Len c2s/s2c min/avg/max/stddev: 75/113 160.0/303.3 241/650 62.0/245.5][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][Goodput ratio: 77.2/83.8][1.89 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][Goodput ratio: 65.9/83.3][0.92 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][Goodput ratio: 61.1/82.8][0.92 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][Goodput ratio: 51.6/76.6][0.81 sec][bytes ratio: -0.350 (Download)][IAT c2s/s2c min/avg/max/stddev: 320/159 407.0/297.5 494/436 87.0/138.5][Pkt Len c2s/s2c min/avg/max/stddev: 80/80 136.7/283.7 196/601 47.4/227.4][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][Goodput ratio: 56.4/82.8][0.09 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][Goodput ratio: 55.1/82.8][0.94 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][Goodput ratio: 54.9/82.8][0.27 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54.3/82.8][0.36 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54.3/82.8][0.26 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][Goodput ratio: 53.8/82.8][0.45 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][Goodput ratio: 51.5/82.8][0.25 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][Goodput ratio: 50.4/83.3][0.23 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][Goodput ratio: 50.4/89.3][0.22 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][Goodput ratio: 62.0/50.0][1.91 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][Goodput ratio: 56.4/57.6][0.15 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.4/0.0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.4/0.0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.4/0.0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.4/0.0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.4/0.0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] + 24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.4/0.0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)] diff --git a/tests/result/bittorrent_ip.pcap.out b/tests/result/bittorrent_ip.pcap.out index ecce10c1c..c4366bbc3 100644 --- a/tests/result/bittorrent_ip.pcap.out +++ b/tests/result/bittorrent_ip.pcap.out @@ -1,4 +1,4 @@ BitTorrent 479 508018 2 - 1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes][bytes ratio: 0.965 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 5.2/5.7 879/56 54.4/10.5][Pkt Len c2s/s2c min/avg/max/stddev: 1514/66 1514.0/66.0 1514/66 0.0/0.0][PLAIN TEXT (n.m Hh)] - 2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes][bytes ratio: 0.920 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.4/10.7 83/83 23.3/24.4][Pkt Len c2s/s2c min/avg/max/stddev: 78/66 1456.6/66.0 1514/66 281.4/0.0][PLAIN TEXT (@RgmZT)] + 1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes][Goodput ratio: 95.6/0.0][2.45 sec][bytes ratio: 0.965 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 5.2/5.7 879/56 54.4/10.5][Pkt Len c2s/s2c min/avg/max/stddev: 1514/66 1514.0/66.0 1514/66 0.0/0.0][PLAIN TEXT (n.m Hh)] + 2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes][Goodput ratio: 95.4/0.0][0.21 sec][bytes ratio: 0.920 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.4/10.7 83/83 23.3/24.4][Pkt Len c2s/s2c min/avg/max/stddev: 78/66 1456.6/66.0 1514/66 281.4/0.0][PLAIN TEXT (@RgmZT)] diff --git a/tests/result/bittorrent_utp.pcap.out b/tests/result/bittorrent_utp.pcap.out index 0f2229f42..e6dad7ce9 100644 --- a/tests/result/bittorrent_utp.pcap.out +++ b/tests/result/bittorrent_utp.pcap.out @@ -1,3 +1,3 @@ BitTorrent 86 41489 1 - 1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes][bytes ratio: 0.767 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/11 222.5/425.0 4392/4641 700.8/934.4][Pkt Len c2s/s2c min/avg/max/stddev: 62/62 779.9/124.0 1514/519 608.8/123.2][PLAIN TEXT (hash20)] + 1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes][Goodput ratio: 94.6/66.1][19.22 sec][bytes ratio: 0.767 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/11 222.5/425.0 4392/4641 700.8/934.4][Pkt Len c2s/s2c min/avg/max/stddev: 62/62 779.9/124.0 1514/519 608.8/123.2][PLAIN TEXT (hash20)] diff --git a/tests/result/bt_search.pcap.out b/tests/result/bt_search.pcap.out index 4aed6f139..1a47d1c28 100644 --- a/tests/result/bt_search.pcap.out +++ b/tests/result/bt_search.pcap.out @@ -1,3 +1,3 @@ BitTorrent 2 322 1 - 1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] + 1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes][Goodput ratio: 73.7/0.0][300.03 sec][PLAIN TEXT (SEARCH )] diff --git a/tests/result/capwap.pcap.out b/tests/result/capwap.pcap.out index 4502d93d4..514fed7ef 100644 --- a/tests/result/capwap.pcap.out +++ b/tests/result/capwap.pcap.out @@ -1,8 +1,8 @@ DNS 2 166 1 CAPWAP 395 98343 4 - 1 UDP 192.168.10.9:5246 <-> 192.168.10.10:12380 [proto: 247/CAPWAP][cat: Network/14][106 pkts/26144 bytes <-> 111 pkts/37530 bytes][bytes ratio: -0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1420.8/1619.1 21349/21721 3881.1/4474.6][Pkt Len c2s/s2c min/avg/max/stddev: 106/115 246.6/338.1 1499/1499 292.0/381.5][PLAIN TEXT (Cisco Systems)] - 2 UDP 192.168.10.10:12380 <-> 192.168.10.9:5247 [proto: 247/CAPWAP][cat: Network/14][170 pkts/33465 bytes <-> 3 pkts/437 bytes][bytes ratio: 0.974 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 964.3/0.0 3999/0 858.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 93/125 196.9/145.7 470/168 78.3/17.6] - 3 UDP 192.168.10.10:12380 -> 255.255.255.255:5246 [proto: 247/CAPWAP][cat: Network/14][4 pkts/660 bytes -> 0 pkts/0 bytes][PLAIN TEXT (838.61f)] - 4 UDP 192.168.10.10:49259 -> 255.255.255.255:53 [proto: 5/DNS][cat: Network/14][2 pkts/166 bytes -> 0 pkts/0 bytes][Host: cisco-capwap-controller][PLAIN TEXT (CAPWAP)] - 5 UDP 192.168.10.9:5246 -> 192.168.10.10:12379 [proto: 247/CAPWAP][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.10.9:5246 <-> 192.168.10.10:12380 [proto: 247/CAPWAP][cat: Network/14][106 pkts/26144 bytes <-> 111 pkts/37530 bytes][Goodput ratio: 83.0/87.6][169.10 sec][bytes ratio: -0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1420.8/1619.1 21349/21721 3881.1/4474.6][Pkt Len c2s/s2c min/avg/max/stddev: 106/115 246.6/338.1 1499/1499 292.0/381.5][PLAIN TEXT (Cisco Systems)] + 2 UDP 192.168.10.10:12380 <-> 192.168.10.9:5247 [proto: 247/CAPWAP][cat: Network/14][170 pkts/33465 bytes <-> 3 pkts/437 bytes][Goodput ratio: 78.7/71.0][157.99 sec][bytes ratio: 0.974 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 964.3/0.0 3999/0 858.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 93/125 196.9/145.7 470/168 78.3/17.6] + 3 UDP 192.168.10.10:12380 -> 255.255.255.255:5246 [proto: 247/CAPWAP][cat: Network/14][4 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 74.4/0.0][130.41 sec][PLAIN TEXT (838.61f)] + 4 UDP 192.168.10.10:49259 -> 255.255.255.255:53 [proto: 5/DNS][cat: Network/14][2 pkts/166 bytes -> 0 pkts/0 bytes][Goodput ratio: 49.1/0.0][3.00 sec][Host: cisco-capwap-controller][PLAIN TEXT (CAPWAP)] + 5 UDP 192.168.10.9:5246 -> 192.168.10.10:12379 [proto: 247/CAPWAP][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes][Goodput ratio: 60.2/0.0][< 1 sec] diff --git a/tests/result/check_mk_new.pcap.out b/tests/result/check_mk_new.pcap.out index 95bd4a259..48b10a2aa 100644 --- a/tests/result/check_mk_new.pcap.out +++ b/tests/result/check_mk_new.pcap.out @@ -1,3 +1,3 @@ CHECKMK 98 20242 1 - 1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes][bytes ratio: -0.680 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.6/0.5 4/4 1.0/0.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.2/346.9 74/4162 1.1/757.9][PLAIN TEXT (k@Version)] + 1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes][Goodput ratio: 0.0/80.9][0.04 sec][bytes ratio: -0.680 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.6/0.5 4/4 1.0/0.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.2/346.9 74/4162 1.1/757.9][PLAIN TEXT (k@Version)] diff --git a/tests/result/coap_mqtt.pcap.out b/tests/result/coap_mqtt.pcap.out index 3ceaea296..25df42a3e 100644 --- a/tests/result/coap_mqtt.pcap.out +++ b/tests/result/coap_mqtt.pcap.out @@ -2,19 +2,19 @@ COAP 19 1614 8 Dropbox 800 80676 4 MQTT 7695 668291 4 - 1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes][bytes ratio: -0.078 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.6/20.0 4242/4438 157.2/156.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83.5/90.0 118/140 26.8/40.8][PLAIN TEXT (17Info)] - 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes][bytes ratio: -0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.6/30.5 12952/13150 480.5/460.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83.5/89.7 118/140 26.8/40.8][PLAIN TEXT (messageType)] - 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 53.1/48.1 27310/27505 1011.0/966.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83.5/90.0 118/140 26.8/40.8][PLAIN TEXT (messageType)] - 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes][bytes ratio: 0.083 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 14.7/15.6 73/204 16.4/17.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 89.8/83.6 140/118 40.8/26.8][PLAIN TEXT (messageType)] - 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.6/112.5 150/151 10.9/10.6][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.6/62.6 143/66 2.3/2.3][PLAIN TEXT (messageType)] - 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111.3/111.2 154/150 9.7/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.5/62.5 143/66 2.1/2.1][PLAIN TEXT (messageType)] - 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110.2/110.1 172/164 11.3/11.1][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.2/62.2 143/66 2.3/2.3][PLAIN TEXT (messageType)] - 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.3/112.7 151/147 9.6/9.4][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.1/62.1 143/66 2.3/2.3][PLAIN TEXT (messageType)] - 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 16604/16599 43490.0/43489.0 70376/70379 26886.0/26890.0][Pkt Len c2s/s2c min/avg/max/stddev: 85/66 87.3/68.3 92/73 3.3/3.3][PLAIN TEXT (storage)] - 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes][PLAIN TEXT (separate)] - 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes][PLAIN TEXT (storage)] - 12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes] - 13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] - 14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] - 15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] - 16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes][Goodput ratio: 33.4/40.0][19.84 sec][bytes ratio: -0.078 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.6/20.0 4242/4438 157.2/156.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83.5/90.0 118/140 26.8/40.8][PLAIN TEXT (17Info)] + 2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes][Goodput ratio: 33.4/39.8][28.52 sec][bytes ratio: -0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.6/30.5 12952/13150 480.5/460.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83.5/89.7 118/140 26.8/40.8][PLAIN TEXT (messageType)] + 3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes][Goodput ratio: 33.3/40.0][42.88 sec][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 53.1/48.1 27310/27505 1011.0/966.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83.5/90.0 118/140 26.8/40.8][PLAIN TEXT (messageType)] + 4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes][Goodput ratio: 39.9/33.5][15.37 sec][bytes ratio: 0.083 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 14.7/15.6 73/204 16.4/17.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 89.8/83.6 140/118 40.8/26.8][PLAIN TEXT (messageType)] + 5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][Goodput ratio: 69.9/32.9][11.19 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.6/112.5 150/151 10.9/10.6][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.6/62.6 143/66 2.3/2.3][PLAIN TEXT (messageType)] + 6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][Goodput ratio: 69.9/32.8][11.09 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111.3/111.2 154/150 9.7/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.5/62.5 143/66 2.1/2.1][PLAIN TEXT (messageType)] + 7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][Goodput ratio: 69.8/32.5][10.92 sec][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110.2/110.1 172/164 11.3/11.1][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.2/62.2 143/66 2.3/2.3][PLAIN TEXT (messageType)] + 8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][Goodput ratio: 69.8/32.4][11.20 sec][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.3/112.7 151/147 9.6/9.4][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.1/62.1 143/66 2.3/2.3][PLAIN TEXT (messageType)] + 9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes][Goodput ratio: 28.9/9.2][87.03 sec][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 16604/16599 43490.0/43489.0 70376/70379 26886.0/26890.0][Pkt Len c2s/s2c min/avg/max/stddev: 85/66 87.3/68.3 92/73 3.3/3.3][PLAIN TEXT (storage)] + 10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes][Goodput ratio: 15.5/51.6][1.15 sec][PLAIN TEXT (separate)] + 11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes][Goodput ratio: 21.4/17.8][8.41 sec][PLAIN TEXT (storage)] + 12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 30.8/0.0][< 1 sec] + 13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.6/0.0][< 1 sec] + 14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.6/0.0][< 1 sec] + 15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.6/0.0][< 1 sec] + 16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.6/0.0][< 1 sec] diff --git a/tests/result/diameter.pcap.out b/tests/result/diameter.pcap.out index 4d6a6041e..a100db66f 100644 --- a/tests/result/diameter.pcap.out +++ b/tests/result/diameter.pcap.out @@ -1,3 +1,3 @@ Diameter 6 1980 1 - 1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Network/14][3 pkts/1174 bytes <-> 3 pkts/806 bytes][bytes ratio: 0.186 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13/12 39.0/31.5 65/51 26.0/19.5][Pkt Len c2s/s2c min/avg/max/stddev: 362/226 391.3/268.7 414/290 21.7/30.2][PLAIN TEXT (1263278878147)] + 1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Network/14][3 pkts/1174 bytes <-> 3 pkts/806 bytes][Goodput ratio: 86.1/79.8][0.09 sec][bytes ratio: 0.186 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13/12 39.0/31.5 65/51 26.0/19.5][Pkt Len c2s/s2c min/avg/max/stddev: 362/226 391.3/268.7 414/290 21.7/30.2][PLAIN TEXT (1263278878147)] diff --git a/tests/result/dns_doh.pcap.out b/tests/result/dns_doh.pcap.out index d0f545f3d..fff57a69f 100644 --- a/tests/result/dns_doh.pcap.out +++ b/tests/result/dns_doh.pcap.out @@ -5,4 +5,4 @@ JA3 Host Stats: 1 172.20.10.4 1 - 1 TCP 172.20.10.4:49877 <-> 104.16.248.249:443 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][86 pkts/8460 bytes <-> 56 pkts/11902 bytes][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.6/30.8 535/580 86.2/115.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98.4/212.5 571/1354 68.9/257.4][TLSv1.3][Client: mozilla.cloudflare-dns.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256] + 1 TCP 172.20.10.4:49877 <-> 104.16.248.249:443 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][86 pkts/8460 bytes <-> 56 pkts/11902 bytes][Goodput ratio: 44.8/74.5][3.24 sec][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.6/30.8 535/580 86.2/115.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98.4/212.5 571/1354 68.9/257.4][TLSv1.3][Client: mozilla.cloudflare-dns.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256] diff --git a/tests/result/dns_dot.pcap.out b/tests/result/dns_dot.pcap.out index 9d7c3781b..f555047b0 100644 --- a/tests/result/dns_dot.pcap.out +++ b/tests/result/dns_dot.pcap.out @@ -5,4 +5,4 @@ JA3 Host Stats: 1 192.168.1.185 1 - 1 TCP 192.168.1.185:58290 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][cat: Web/5][14 pkts/1480 bytes <-> 10 pkts/4389 bytes][bytes ratio: -0.496 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 269.6/181.6 1596/1192 531.3/412.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.7/438.9 264/3135 52.7/903.0][TLSv1.2][JA3C: 4fe4099926d0acdc9b2fe4b02013659f][Server: dns.google][JA3S: 2b341b88c742e940cfb485ce7d93dde7][Organization: Google LLC][Certificate SHA-1: BE:73:46:2A:2E:FB:A9:E9:42:D0:71:10:1B:8C:BF:44:6A:5D:AD:53][Validity: 2017-06-15 00:00:42 - 2021-12-15 00:00:42][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256] + 1 TCP 192.168.1.185:58290 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][cat: Web/5][14 pkts/1480 bytes <-> 10 pkts/4389 bytes][Goodput ratio: 37.0/84.8][3.01 sec][bytes ratio: -0.496 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 269.6/181.6 1596/1192 531.3/412.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.7/438.9 264/3135 52.7/903.0][TLSv1.2][JA3C: 4fe4099926d0acdc9b2fe4b02013659f][Server: dns.google][JA3S: 2b341b88c742e940cfb485ce7d93dde7][Organization: Google LLC][Certificate SHA-1: BE:73:46:2A:2E:FB:A9:E9:42:D0:71:10:1B:8C:BF:44:6A:5D:AD:53][Validity: 2017-06-15 00:00:42 - 2021-12-15 00:00:42][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256] diff --git a/tests/result/dnscrypt.pcap.out b/tests/result/dnscrypt.pcap.out index 38547b3c3..1d51685ac 100644 --- a/tests/result/dnscrypt.pcap.out +++ b/tests/result/dnscrypt.pcap.out @@ -5,7 +5,7 @@ JA3 Host Stats: 1 192.168.43.167 2 - 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][bytes ratio: -0.782 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36.3/19.9 114/119 43.4/33.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99.3/694.3 272/1364 67.6/593.9][TLSv1.2][Client: simplednscrypt.org][JA3C: b8f81673c0e1d29908346f3bab892b9b][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24.9/24.9 105/106 34.0/34.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 110.4/516.1 334/1364 76.2/542.4][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 72.5/31.5 188/124 74.3/50.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 97.5/773.5 264/1364 75.0/597.4][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 59.5/32.5 136/140 58.9/52.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 97.5/773.5 264/1364 75.0/597.4][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][Goodput ratio: 44.9/92.1][0.71 sec][bytes ratio: -0.782 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36.3/19.9 114/119 43.4/33.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99.3/694.3 272/1364 67.6/593.9][TLSv1.2][Client: simplednscrypt.org][JA3C: b8f81673c0e1d29908346f3bab892b9b][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][Goodput ratio: 50.5/89.4][0.52 sec][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24.9/24.9 105/106 34.0/34.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 110.4/516.1 334/1364 76.2/542.4][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43.0/92.9][0.44 sec][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 72.5/31.5 188/124 74.3/50.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 97.5/773.5 264/1364 75.0/597.4][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43.0/92.9][0.36 sec][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 59.5/32.5 136/140 58.9/52.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 97.5/773.5 264/1364 75.0/597.4][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][Server: simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/drda_db2.pcap.out b/tests/result/drda_db2.pcap.out index 95ebcd91c..3595b173d 100644 --- a/tests/result/drda_db2.pcap.out +++ b/tests/result/drda_db2.pcap.out @@ -1,3 +1,3 @@ DRDA 38 6691 1 - 1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2370.9/2905.2 17828/17986 5833.5/6421.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 158.4/195.7 717/684 168.7/193.1][PLAIN TEXT (@@@@@@@@@@@)] + 1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes][Goodput ratio: 65.6/72.2][38.46 sec][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2370.9/2905.2 17828/17986 5833.5/6421.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 158.4/195.7 717/684 168.7/193.1][PLAIN TEXT (@@@@@@@@@@@)] diff --git a/tests/result/dropbox.pcap.out b/tests/result/dropbox.pcap.out index dccebb49e..2ff3a6b30 100644 --- a/tests/result/dropbox.pcap.out +++ b/tests/result/dropbox.pcap.out @@ -1,17 +1,17 @@ Dropbox 848 90532 15 - 1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.6/112.5 150/151 10.9/10.6][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.6/62.6 143/66 2.3/2.3][PLAIN TEXT (messageType)] - 2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111.3/111.2 154/150 9.7/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.5/62.5 143/66 2.1/2.1][PLAIN TEXT (messageType)] - 3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110.2/110.1 172/164 11.3/11.1][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.2/62.2 143/66 2.3/2.3][PLAIN TEXT (messageType)] - 4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.3/112.7 151/147 9.6/9.4][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.1/62.1 143/66 2.3/2.3][PLAIN TEXT (messageType)] - 5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621.4/0.0 13107/0 5242.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237.0/0.0 237/0 0.0/0.0][PLAIN TEXT ( 274363570036934823360341409051)] - 6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621.4/0.0 13107/0 5242.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237.0/0.0 237/0 0.0/0.0][PLAIN TEXT ( 274363570036934823360341409051)] - 7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Host: log.getdropbox.com][bytes ratio: -0.551 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/194 78.0/269.5 78/345 0.0/75.5][PLAIN TEXT (getdropbox)] - 8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Host: client.dropbox.com][PLAIN TEXT (client)] - 9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Host: d.dropbox.com][PLAIN TEXT (dropbox)] - 10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Host: client-cf.dropbox.com][PLAIN TEXT (client)] - 11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Host: notify.dropbox.com][PLAIN TEXT (notify)] - 12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][PLAIN TEXT (version)] - 13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][PLAIN TEXT (version)] - 14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][PLAIN TEXT (namespaces)] - 15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][PLAIN TEXT (namespaces)] + 1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][Goodput ratio: 69.9/32.9][11.19 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.6/112.5 150/151 10.9/10.6][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.6/62.6 143/66 2.3/2.3][PLAIN TEXT (messageType)] + 2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][Goodput ratio: 69.9/32.8][11.09 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111.3/111.2 154/150 9.7/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.5/62.5 143/66 2.1/2.1][PLAIN TEXT (messageType)] + 3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][Goodput ratio: 69.8/32.5][10.92 sec][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110.2/110.1 172/164 11.3/11.1][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.2/62.2 143/66 2.3/2.3][PLAIN TEXT (messageType)] + 4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][Goodput ratio: 69.8/32.4][11.20 sec][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112.3/112.7 151/147 9.6/9.4][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139.1/62.1 143/66 2.3/2.3][PLAIN TEXT (messageType)] + 5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][Goodput ratio: 82.2/0.0][13.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621.4/0.0 13107/0 5242.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237.0/0.0 237/0 0.0/0.0][PLAIN TEXT ( 274363570036934823360341409051)] + 6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][Goodput ratio: 82.2/0.0][13.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621.4/0.0 13107/0 5242.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237.0/0.0 237/0 0.0/0.0][PLAIN TEXT ( 274363570036934823360341409051)] + 7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Goodput ratio: 46.0/84.3][0.04 sec][Host: log.getdropbox.com][bytes ratio: -0.551 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/194 78.0/269.5 78/345 0.0/75.5][PLAIN TEXT (getdropbox)] + 8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Goodput ratio: 45.9/87.3][0.12 sec][Host: client.dropbox.com][PLAIN TEXT (client)] + 9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Goodput ratio: 42.2/86.9][0.17 sec][Host: d.dropbox.com][PLAIN TEXT (dropbox)] + 10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Goodput ratio: 47.9/86.1][0.18 sec][Host: client-cf.dropbox.com][PLAIN TEXT (client)] + 11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Goodput ratio: 45.9/85.6][0.03 sec][Host: notify.dropbox.com][PLAIN TEXT (notify)] + 12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.9/0.0][60.01 sec][PLAIN TEXT (version)] + 13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.9/0.0][60.01 sec][PLAIN TEXT (version)] + 14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.4/0.0][31.34 sec][PLAIN TEXT (namespaces)] + 15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.4/0.0][31.34 sec][PLAIN TEXT (namespaces)] diff --git a/tests/result/ethereum.pcap.out b/tests/result/ethereum.pcap.out index c47d5ad0b..aafe4df89 100644 --- a/tests/result/ethereum.pcap.out +++ b/tests/result/ethereum.pcap.out @@ -1,4 +1,4 @@ Mining 819 134165 2 - 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Mining/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes][bytes ratio: -0.184 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2596.1/3847.5 9968/11081 3517.9/3668.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 110.6/248.9 295/314 59.2/100.1][PLAIN TEXT (worker)] - 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Mining/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes][bytes ratio: -0.064 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1749.4/1867.9 9914/9999 3194.4/3064.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107.9/188.9 271/314 57.4/116.4][PLAIN TEXT (worker)] + 1 TCP 192.168.2.92:57726 <-> 94.23.36.128:4444 [proto: 42/Mining][cat: Mining/99][478 pkts/52883 bytes <-> 308 pkts/76667 bytes][Goodput ratio: 40.3/73.4][1191.49 sec][bytes ratio: -0.184 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2596.1/3847.5 9968/11081 3517.9/3668.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 110.6/248.9 295/314 59.2/100.1][PLAIN TEXT (worker)] + 2 TCP 192.168.2.92:41680 <-> 91.121.222.33:4444 [proto: 42/Mining][cat: Mining/99][20 pkts/2159 bytes <-> 13 pkts/2456 bytes][Goodput ratio: 38.5/63.7][36.86 sec][bytes ratio: -0.064 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1749.4/1867.9 9914/9999 3194.4/3064.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107.9/188.9 271/314 57.4/116.4][PLAIN TEXT (worker)] diff --git a/tests/result/facebook.pcap.out b/tests/result/facebook.pcap.out index a6bfbfff9..043e9d33e 100644 --- a/tests/result/facebook.pcap.out +++ b/tests/result/facebook.pcap.out @@ -5,5 +5,5 @@ JA3 Host Stats: 1 192.168.43.18 2 - 1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][bytes ratio: -0.785 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 35.1/30.5 154/154 52.5/52.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 140.2/1004.6 583/1454 137.4/604.5][TLSv1.2][Client: www.facebook.com][JA3C: 5c60e71f1b8cd40e4d40ed5b6d666e3f][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][bytes ratio: -0.532 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 148.4/73.2 414/313 171.7/127.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 149.4/440.0 449/1454 124.6/521.5][TLSv1.2][Client: facebook.com][JA3C: bfcc1a3891601edb4f137ab7ab25b840][Server: *.facebook.com][JA3S: 2d1eb5817ece335c24904f516ad5da12][Organization: Facebook, Inc.][Certificate SHA-1: A0:4E:AF:B3:48:C2:6B:15:A8:C1:AA:87:A3:33:CA:A3:CD:EE:C9:C9][Validity: 2014-08-28 00:00:00 - 2016-12-30 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][Goodput ratio: 52.6/93.4][0.68 sec][bytes ratio: -0.785 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 35.1/30.5 154/154 52.5/52.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 140.2/1004.6 583/1454 137.4/604.5][TLSv1.2][Client: www.facebook.com][JA3C: 5c60e71f1b8cd40e4d40ed5b6d666e3f][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][Goodput ratio: 55.2/84.8][1.30 sec][bytes ratio: -0.532 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 148.4/73.2 414/313 171.7/127.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 149.4/440.0 449/1454 124.6/521.5][TLSv1.2][Client: facebook.com][JA3C: bfcc1a3891601edb4f137ab7ab25b840][Server: *.facebook.com][JA3S: 2d1eb5817ece335c24904f516ad5da12][Organization: Facebook, Inc.][Certificate SHA-1: A0:4E:AF:B3:48:C2:6B:15:A8:C1:AA:87:A3:33:CA:A3:CD:EE:C9:C9][Validity: 2014-08-28 00:00:00 - 2016-12-30 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/fix.pcap.out b/tests/result/fix.pcap.out index bc55b8648..190fa9f8a 100644 --- a/tests/result/fix.pcap.out +++ b/tests/result/fix.pcap.out @@ -1,14 +1,14 @@ FIX 1261 115514 12 - 1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes][bytes ratio: 0.308 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/0 99.9/99.9 850/850 126.8/126.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 115.5/61.1 511/140 53.6/9.1][PLAIN TEXT (FIX.4.1)] - 2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 110.2/109.3 501/500 86.0/84.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.7/67.3 169/153 15.4/10.5][PLAIN TEXT (FIX.4.1)] - 3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes][bytes ratio: 0.375 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 202.0/198.7 265/291 95.5/97.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 152.1/69.2 288/164 42.2/16.5][PLAIN TEXT (FIX.4.1)] - 4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/0 697.0/691.7 5507/5507 974.6/978.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 86.3/66.9 93/141 10.0/22.6][PLAIN TEXT (FIX.4.1)] - 5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/0 1071.5/1066.8 3366/3366 840.7/847.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107.7/75.4 147/151 18.9/26.7][PLAIN TEXT (FIX.4.1)] - 6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes][bytes ratio: 0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 54/0 2140.9/2146.9 4977/4935 1578.7/1591.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 106.8/77.8 135/140 32.5/33.3][PLAIN TEXT (FIX.4.1)] - 7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4240/4262 4866.8/4866.8 5760/5738 653.3/633.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115.4/96.8 179/143 43.7/37.7][PLAIN TEXT (FIX.4.1)] - 8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes][bytes ratio: -0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 18/10021 4012.2/6681.0 10004/10022 4889.8/4724.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.5/130.5 105/152 19.5/37.2][PLAIN TEXT (FIX.4.1)] - 9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2499.8/2500.0 6254/6212 2634.7/2608.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76.0/110.2 108/153 22.6/41.3][PLAIN TEXT (FIX.4.1)] - 10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2499.8/2499.8 8435/8394 3472.7/3448.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76.0/110.2 108/152 22.6/41.2][PLAIN TEXT (FIX.4.1)] - 11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes][bytes ratio: -0.039 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/10000 4009.8/6666.7 9950/10000 4832.2/4714.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 73.5/119.2 93/139 19.5/34.2][PLAIN TEXT (FIX.4.1)] - 12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/10000 3339.3/10000.0 9980/10000 4695.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/151 85.5/151.5 105/152 19.5/0.5][PLAIN TEXT (FIX.4.1)] + 1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes][Goodput ratio: 53.2/1.9][22.80 sec][bytes ratio: 0.308 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/0 99.9/99.9 850/850 126.8/126.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 115.5/61.1 511/140 53.6/9.1][PLAIN TEXT (FIX.4.1)] + 2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes][Goodput ratio: 37.6/1.9][22.86 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 110.2/109.3 501/500 86.0/84.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.7/67.3 169/153 15.4/10.5][PLAIN TEXT (FIX.4.1)] + 3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes][Goodput ratio: 56.6/4.6][22.65 sec][bytes ratio: 0.375 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 202.0/198.7 265/291 95.5/97.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 152.1/69.2 288/164 42.2/16.5][PLAIN TEXT (FIX.4.1)] + 4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes][Goodput ratio: 37.4/11.1][22.43 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/0 697.0/691.7 5507/5507 974.6/978.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 86.3/66.9 93/141 10.0/22.6][PLAIN TEXT (FIX.4.1)] + 5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes][Goodput ratio: 38.7/12.5][21.69 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/0 1071.5/1066.8 3366/3366 840.7/847.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107.7/75.4 147/151 18.9/26.7][PLAIN TEXT (FIX.4.1)] + 6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes][Goodput ratio: 49.4/24.5][20.03 sec][bytes ratio: 0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 54/0 2140.9/2146.9 4977/4935 1578.7/1591.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 106.8/77.8 135/140 32.5/33.3][PLAIN TEXT (FIX.4.1)] + 7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes][Goodput ratio: 42.7/31.8][19.47 sec][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4240/4262 4866.8/4866.8 5760/5738 653.3/633.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115.4/96.8 179/143 43.7/37.7][PLAIN TEXT (FIX.4.1)] + 8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes][Goodput ratio: 22.8/49.3][20.06 sec][bytes ratio: -0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 18/10021 4012.2/6681.0 10004/10022 4889.8/4724.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.5/130.5 105/152 19.5/37.2][PLAIN TEXT (FIX.4.1)] + 9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][Goodput ratio: 28.9/48.7][10.10 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2499.8/2500.0 6254/6212 2634.7/2608.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76.0/110.2 108/153 22.6/41.3][PLAIN TEXT (FIX.4.1)] + 10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][Goodput ratio: 28.9/48.7][10.17 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2499.8/2499.8 8435/8394 3472.7/3448.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76.0/110.2 108/152 22.6/41.2][PLAIN TEXT (FIX.4.1)] + 11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes][Goodput ratio: 26.5/53.3][20.05 sec][bytes ratio: -0.039 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/10000 4009.8/6666.7 9950/10000 4832.2/4714.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 73.5/119.2 93/139 19.5/34.2][PLAIN TEXT (FIX.4.1)] + 12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes][Goodput ratio: 22.7/56.2][10.02 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/10000 3339.3/10000.0 9980/10000 4695.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/151 85.5/151.5 105/152 19.5/0.5][PLAIN TEXT (FIX.4.1)] diff --git a/tests/result/ftp.pcap.out b/tests/result/ftp.pcap.out index 3f3a6b25f..c0a8802b0 100644 --- a/tests/result/ftp.pcap.out +++ b/tests/result/ftp.pcap.out @@ -2,9 +2,9 @@ Unknown 1115 1122198 1 FTP_CONTROL 68 5571 1 FTP_DATA 9 1819 1 - 1 TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][User: anonymous][Pwd: NcFTP@][bytes ratio: 0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 235.6/108.5 4743/1377 848.9/304.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 70.5/99.2 96/307 6.7/44.9][PLAIN TEXT (vsFTPd 3.0.3)] - 2 TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][cat: Download-FileTransfer-FileSharing/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][bytes ratio: -0.624 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/28 14.2/28.5 29/29 14.3/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68.4/369.2 78/1271 4.8/520.6][PLAIN TEXT ( 1 0 0 1073741)] + 1 TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][Goodput ratio: 6.0/33.2][8.48 sec][User: anonymous][Pwd: NcFTP@][bytes ratio: 0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 235.6/108.5 4743/1377 848.9/304.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 70.5/99.2 96/307 6.7/44.9][PLAIN TEXT (vsFTPd 3.0.3)] + 2 TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][cat: Download-FileTransfer-FileSharing/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][Goodput ratio: 0.0/81.5][0.09 sec][bytes ratio: -0.624 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/28 14.2/28.5 29/29 14.3/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68.4/369.2 78/1271 4.8/520.6][PLAIN TEXT ( 1 0 0 1073741)] Undetected flows: - 1 TCP 192.168.1.212:50696 <-> 90.130.70.73:24523 [proto: 0/Unknown][380 pkts/25104 bytes <-> 735 pkts/1097094 bytes][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.4/0.2 29/29 2.5/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.1/1492.6 78/1506 0.9/135.1] + 1 TCP 192.168.1.212:50696 <-> 90.130.70.73:24523 [proto: 0/Unknown][380 pkts/25104 bytes <-> 735 pkts/1097094 bytes][Goodput ratio: 0.0/95.6][0.33 sec][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.4/0.2 29/29 2.5/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.1/1492.6 78/1506 0.9/135.1] diff --git a/tests/result/git.pcap.out b/tests/result/git.pcap.out index 96b7312e2..4b6fe1654 100644 --- a/tests/result/git.pcap.out +++ b/tests/result/git.pcap.out @@ -1,3 +1,3 @@ Git 90 74005 1 - 1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes][bytes ratio: -0.910 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.9/25.1 558/607 97.8/96.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81.0/1442.6 593/2946 81.7/705.8][PLAIN TEXT (0045git)] + 1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes][Goodput ratio: 18.2/95.4][1.11 sec][bytes ratio: -0.910 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.9/25.1 558/607 97.8/96.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81.0/1442.6 593/2946 81.7/705.8][PLAIN TEXT (0045git)] diff --git a/tests/result/google_ssl.pcap.out b/tests/result/google_ssl.pcap.out index bb3a8358f..4a2aa2c90 100644 --- a/tests/result/google_ssl.pcap.out +++ b/tests/result/google_ssl.pcap.out @@ -4,4 +4,4 @@ JA3 Host Stats: IP Address # JA3C - 1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][bytes ratio: -0.668 (Download)][IAT c2s/s2c min/avg/max/stddev: 76/66 422.0/543.8 1185/1213 375.8/401.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94.5/633.0 368/1484 86.7/622.2][TLSv1][Server: www.google.com][JA3S: 7252ecc446aba4a3e474793ae320609a (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_SHA] + 1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][Goodput ratio: 42.6/91.1][6.67 sec][bytes ratio: -0.668 (Download)][IAT c2s/s2c min/avg/max/stddev: 76/66 422.0/543.8 1185/1213 375.8/401.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94.5/633.0 368/1484 86.7/622.2][TLSv1][Server: www.google.com][JA3S: 7252ecc446aba4a3e474793ae320609a (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_SHA] diff --git a/tests/result/hangout.pcap.out b/tests/result/hangout.pcap.out index 52c54b67c..e2a871ac9 100644 --- a/tests/result/hangout.pcap.out +++ b/tests/result/hangout.pcap.out @@ -1,3 +1,3 @@ GoogleHangoutDuo 19 2774 1 - 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 993/0 1000.5/0.0 1010/0 5.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 146/0 146.0/0.0 146/0 0.0/0.0][PLAIN TEXT (sdiKGkw)] + 1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][Goodput ratio: 71.2/0.0][18.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 993/0 1000.5/0.0 1010/0 5.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 146/0 146.0/0.0 146/0 0.0/0.0][PLAIN TEXT (sdiKGkw)] diff --git a/tests/result/http_ipv6.pcap.out b/tests/result/http_ipv6.pcap.out index 81e975a3b..21606f75a 100644 --- a/tests/result/http_ipv6.pcap.out +++ b/tests/result/http_ipv6.pcap.out @@ -9,18 +9,18 @@ JA3 Host Stats: 1 2a00:d40:1:3:7aac:c0ff:fea7:d4c 1 - 1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Host: www.google.it][bytes ratio: -0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 11/2 411.9/168.2 6008/1778 1177.1/366.5][Pkt Len c2s/s2c min/avg/max/stddev: 99/91 234.6/284.0 1412/1412 285.7/300.8][PLAIN TEXT (www.google.it)] - 2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][bytes ratio: -0.492 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36.6/44.3 229/290 62.1/87.8][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 283.5/970.7 919/1514 323.7/538.6][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] - 3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][bytes ratio: -0.632 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18.4/10.8 64/27 19.3/12.4][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 117.5/715.2 298/1514 67.4/607.6][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] - 4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][bytes ratio: -0.652 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14.8/9.0 50/23 16.2/10.3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 120.6/715.2 298/1514 69.9/607.6][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] - 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19.8/8.8 63/25 19.7/10.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 120.6/805.1 298/2754 69.9/929.1][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] - 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3.4/2.7 8/7 3.4/3.1][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 137.1/845.4 310/2942 82.6/1077.9][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][Server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][Organization: Facebook, Inc.][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2008-04-02 12:00:00 - 2022-04-03 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][bytes ratio: -0.651 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 11.8/5.3 43/8 15.9/3.1][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 145.7/1035.2 310/3633 86.4/1503.0][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][Server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][Organization: Facebook, Inc.][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2008-04-02 12:00:00 - 2022-04-03 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/TLS][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes][bytes ratio: -0.223 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.8/6.0 30/30 13.4/12.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 122.9/193.3 268/592 61.5/171.9] - 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes] - 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] - 15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes] + 1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Goodput ratio: 73.6/78.2][11.12 sec][Host: www.google.it][bytes ratio: -0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 11/2 411.9/168.2 6008/1778 1177.1/366.5][Pkt Len c2s/s2c min/avg/max/stddev: 99/91 234.6/284.0 1412/1412 285.7/300.8][PLAIN TEXT (www.google.it)] + 2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][Goodput ratio: 69.4/91.1][0.43 sec][bytes ratio: -0.492 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36.6/44.3 229/290 62.1/87.8][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 283.5/970.7 919/1514 323.7/538.6][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] + 3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][Goodput ratio: 26.1/87.8][0.17 sec][bytes ratio: -0.632 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18.4/10.8 64/27 19.3/12.4][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 117.5/715.2 298/1514 67.4/607.6][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] + 4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][Goodput ratio: 28.0/87.8][0.12 sec][bytes ratio: -0.652 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14.8/9.0 50/23 16.2/10.3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 120.6/715.2 298/1514 69.9/607.6][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] + 5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][Goodput ratio: 28.0/89.2][0.17 sec][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19.8/8.8 63/25 19.7/10.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 120.6/805.1 298/2754 69.9/929.1][TLSv1][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34] + 6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][Goodput ratio: 36.4/89.6][0.06 sec][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3.4/2.7 8/7 3.4/3.1][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 137.1/845.4 310/2942 82.6/1077.9][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][Server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][Organization: Facebook, Inc.][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2008-04-02 12:00:00 - 2022-04-03 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][Goodput ratio: 40.0/91.5][0.06 sec][bytes ratio: -0.651 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 11.8/5.3 43/8 15.9/3.1][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 145.7/1035.2 310/3633 86.4/1503.0][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][Server: *.ak.fbcdn.net][JA3S: b898351eb5e266aefd3723d466935494][Organization: Facebook, Inc.][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2008-04-02 12:00:00 - 2022-04-03 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/TLS][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes][Goodput ratio: 30.0/55.5][0.12 sec][bytes ratio: -0.223 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.8/6.0 30/30 13.4/12.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 122.9/193.3 268/592 61.5/171.9] + 9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes][Goodput ratio: 65.3/56.2][0.07 sec] + 10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0.0/0.0][0.04 sec] + 11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0.0/0.0][0.13 sec] + 12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0.0/0.0][0.02 sec] + 13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0.0/0.0][0.02 sec] + 14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0.0/0.0][0.02 sec] + 15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0.0/0.0][0.01 sec] diff --git a/tests/result/instagram.pcap.out b/tests/result/instagram.pcap.out index ff029d269..c038f30fc 100644 --- a/tests/result/instagram.pcap.out +++ b/tests/result/instagram.pcap.out @@ -11,38 +11,38 @@ JA3 Host Stats: 1 192.168.0.103 1 - 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes][bytes ratio: 0.960 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 18.6/40.9 1246/1247 136.9/216.6][Pkt Len c2s/s2c min/avg/max/stddev: 1128/66 1460.7/66.0 1464/66 32.9/0.0][PLAIN TEXT (dnlN/L)] - 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Host: photos-h.ak.instagram.com][bytes ratio: -0.962 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5.6/0.3 33/2 11.2/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/1484 86.0/1484.0 326/1484 69.3/0.0][URL: photos-h.ak.instagram.com/hphotos-ak-xap1/t51.2885-15/e35/10859994_1009433792434447_1627646062_n.jpg?se=7][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Host: photos-g.ak.instagram.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2.4/0.5 62/2 11.3/0.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/396 73.0/1435.2 326/1484 42.2/209.5][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11417349_1610424452559638_1559096152_n.jpg?se=7][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Host: photos-e.ak.instagram.com][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 244.3/12.2 7254/372 1260.5/65.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.7/1250.6 325/1484 55.7/506.8][URL: photos-e.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11379148_1449120228745316_607477962_n.jpg?se=7][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Host: photos-g.ak.instagram.com][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.5/0.3 321/2 76.4/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/186 76.5/1423.0 319/1484 50.6/248.6][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e15/11386524_110257619317430_379513654_n.jpg][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes][bytes ratio: -0.757 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 364.1/362.3 7669/7709 1462.3/1471.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 163.4/1180.4 1431/1464 317.9/494.8] - 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes][bytes ratio: 0.918 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1.2/1.3 7/7 1.7/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 1484/66 1484.0/66.0 1484/66 0.0/0.0][PLAIN TEXT (inOCIM)] - 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes][bytes ratio: -0.936 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 735.4/0.5 7321/3 2195.2/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/1405.8 66/1484 0.0/309.0][PLAIN TEXT (dGQaNFV)] - 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes][bytes ratio: 0.950 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.8/1.3 5/4 1.3/1.4][Pkt Len c2s/s2c min/avg/max/stddev: 671/66 1433.2/66.0 1484/66 196.8/0.0][PLAIN TEXT (DD.DOo)] - 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][bytes ratio: -0.707 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18.6/23.0 56/88 18.1/30.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.9/885.7 375/1484 113.9/639.8][TLSv1][Client: igcdn-photos-g-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][bytes ratio: -0.515 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.1/29.2 79/103 25.5/38.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154.5/689.1 516/1484 151.0/647.4][TLSv1][Client: igcdn-photos-h-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 7df57c06f869fc3ce509521cae2f75ce][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 bytes][bytes ratio: 0.555 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 589.8/589.8 2180/2130 921.0/894.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 783.2/224.2 1464/1015 545.1/353.7] - 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.3/11.0 70/40 26.9/16.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.0/778.5 292/1484 80.8/657.3][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/12.0 71/47 27.1/20.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.0/778.5 292/1484 80.8/657.3][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes][bytes ratio: -0.526 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64.0/51.0 254/202 109.7/87.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 255.8/686.3 1015/1464 379.6/610.1] - 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes][bytes ratio: -0.517 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 53.8/43.0 215/172 93.1/74.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 255.8/804.0 1015/1464 379.6/595.0] - 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Host: photos-f.ak.instagram.com][bytes ratio: -0.722 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 61.3/0.5 184/1 86.7/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 78/488 139.8/1152.0 325/1484 107.0/469.5][URL: photos-f.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11424623_1608163109450421_663315883_n.jpg?se=7][StatusCode: 0][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 93.7/79.8 183/182 81.8/80.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175.9/133.0 530/231 154.8/70.1][TLSv1][Client: telegraph-ash.instagram.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][JA3S: acb741bcdffb787c5a52654c78645bdf][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 413767116)] - 20 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Host: igcdn-photos-h-a.akamaihd.net][PLAIN TEXT (photos)] - 22 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Host: photos-a.ak.instagram.com][URL: photos-a.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11248829_853782121373976_909936934_n.jpg?se=7][StatusCode: 0][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: photos-g.ak.instagram.com][URL: photos-g.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11379284_1651416798408214_1525641466_n.jpg][StatusCode: 0][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] - 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-g-a.akamaihd.net][PLAIN TEXT (photos)] - 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Host: igcdn-photos-a-a.akamaihd.net][PLAIN TEXT (photos)] - 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 413767116)] - 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes] - 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com][PLAIN TEXT (photos)] + 1 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes][Goodput ratio: 95.5/0.0][1.71 sec][bytes ratio: 0.960 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 18.6/40.9 1246/1247 136.9/216.6][Pkt Len c2s/s2c min/avg/max/stddev: 1128/66 1460.7/66.0 1464/66 32.9/0.0][PLAIN TEXT (dnlN/L)] + 2 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Goodput ratio: 23.2/95.6][0.07 sec][Host: photos-h.ak.instagram.com][bytes ratio: -0.962 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5.6/0.3 33/2 11.2/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/1484 86.0/1484.0 326/1484 69.3/0.0][URL: photos-h.ak.instagram.com/hphotos-ak-xap1/t51.2885-15/e35/10859994_1009433792434447_1627646062_n.jpg?se=7][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 3 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Goodput ratio: 9.6/95.4][0.09 sec][Host: photos-g.ak.instagram.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2.4/0.5 62/2 11.3/0.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/396 73.0/1435.2 326/1484 42.2/209.5][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11417349_1610424452559638_1559096152_n.jpg?se=7][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 4 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Goodput ratio: 15.3/94.7][7.88 sec][Host: photos-e.ak.instagram.com][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 244.3/12.2 7254/372 1260.5/65.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.7/1250.6 325/1484 55.7/506.8][URL: photos-e.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11379148_1449120228745316_607477962_n.jpg?se=7][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 5 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Goodput ratio: 13.8/95.4][0.51 sec][Host: photos-g.ak.instagram.com][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.5/0.3 321/2 76.4/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/186 76.5/1423.0 319/1484 50.6/248.6][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e15/11386524_110257619317430_379513654_n.jpg][StatusCode: 200][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 6 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes][Goodput ratio: 59.6/94.4][10.06 sec][bytes ratio: -0.757 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 364.1/362.3 7669/7709 1462.3/1471.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 163.4/1180.4 1431/1464 317.9/494.8] + 7 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes][Goodput ratio: 95.5/0.0][0.04 sec][bytes ratio: 0.918 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1.2/1.3 7/7 1.7/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 1484/66 1484.0/66.0 1484/66 0.0/0.0][PLAIN TEXT (inOCIM)] + 8 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes][Goodput ratio: 0.0/95.3][7.36 sec][bytes ratio: -0.936 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 735.4/0.5 7321/3 2195.2/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/1405.8 66/1484 0.0/309.0][PLAIN TEXT (dGQaNFV)] + 9 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes][Goodput ratio: 95.4/0.0][0.02 sec][bytes ratio: 0.950 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.8/1.3 5/4 1.3/1.4][Pkt Len c2s/s2c min/avg/max/stddev: 671/66 1433.2/66.0 1484/66 196.8/0.0][PLAIN TEXT (DD.DOo)] + 10 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][Goodput ratio: 51.2/92.4][0.19 sec][bytes ratio: -0.707 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18.6/23.0 56/88 18.1/30.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.9/885.7 375/1484 113.9/639.8][TLSv1][Client: igcdn-photos-g-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 11 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][Goodput ratio: 56.7/90.2][0.17 sec][bytes ratio: -0.515 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.1/29.2 79/103 25.5/38.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154.5/689.1 516/1484 151.0/647.4][TLSv1][Client: igcdn-photos-h-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 7df57c06f869fc3ce509521cae2f75ce][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 12 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 bytes][Goodput ratio: 91.6/70.5][2.36 sec][bytes ratio: 0.555 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 589.8/589.8 2180/2130 921.0/894.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 783.2/224.2 1464/1015 545.1/353.7] + 13 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][Goodput ratio: 40.1/91.3][0.16 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.3/11.0 70/40 26.9/16.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.0/778.5 292/1484 80.8/657.3][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 14 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][Goodput ratio: 40.1/91.3][0.16 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/12.0 71/47 27.1/20.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.0/778.5 292/1484 80.8/657.3][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: a248.e.akamai.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Organization: Akamai Technologies Inc.][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 15 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes][Goodput ratio: 74.1/90.4][2.48 sec][bytes ratio: -0.526 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64.0/51.0 254/202 109.7/87.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 255.8/686.3 1015/1464 379.6/610.1] + 16 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes][Goodput ratio: 74.1/91.8][0.22 sec][bytes ratio: -0.517 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 53.8/43.0 215/172 93.1/74.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 255.8/804.0 1015/1464 379.6/595.0] + 17 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Goodput ratio: 46.3/94.2][0.18 sec][Host: photos-f.ak.instagram.com][bytes ratio: -0.722 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 61.3/0.5 184/1 86.7/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 78/488 139.8/1152.0 325/1484 107.0/469.5][URL: photos-f.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11424623_1608163109450421_663315883_n.jpg?se=7][StatusCode: 0][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 18 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][Goodput ratio: 61.9/49.6][0.80 sec][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 93.7/79.8 183/182 81.8/80.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175.9/133.0 530/231 154.8/70.1][TLSv1][Client: telegraph-ash.instagram.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][JA3S: acb741bcdffb787c5a52654c78645bdf][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 19 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes][Goodput ratio: 70.9/0.0][0.01 sec][PLAIN TEXT ( 413767116)] + 20 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes][Goodput ratio: 58.7/0.0][2.67 sec] + 21 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Goodput ratio: 52.2/85.9][0.05 sec][Host: igcdn-photos-h-a.akamaihd.net][PLAIN TEXT (photos)] + 22 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.4/0.0][< 1 sec][Host: photos-a.ak.instagram.com][URL: photos-a.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11248829_853782121373976_909936934_n.jpg?se=7][StatusCode: 0][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 23 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.2/0.0][< 1 sec][Host: photos-g.ak.instagram.com][URL: photos-g.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11379284_1651416798408214_1525641466_n.jpg][StatusCode: 0][ContentType: ][UserAgent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)] + 24 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Goodput ratio: 52.2/79.5][0.05 sec][Host: igcdn-photos-g-a.akamaihd.net][PLAIN TEXT (photos)] + 25 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Goodput ratio: 52.2/79.5][0.05 sec][Host: igcdn-photos-a-a.akamaihd.net][PLAIN TEXT (photos)] + 26 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.02 sec] + 27 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.04 sec] + 28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes][Goodput ratio: 21.8/0.0][< 1 sec] + 29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][Goodput ratio: 70.5/0.0][< 1 sec][PLAIN TEXT ( 413767116)] + 30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.0/0.0][< 1 sec][Host: photos-b.ak.instagram.com][PLAIN TEXT (photos)] Undetected flows: - 1 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] diff --git a/tests/result/kerberos.pcap.out b/tests/result/kerberos.pcap.out index 15b922058..460e3d3d0 100644 --- a/tests/result/kerberos.pcap.out +++ b/tests/result/kerberos.pcap.out @@ -3,42 +3,42 @@ SMBv23 6 1914 3 Kerberos 48 19194 24 LDAP 14 4152 7 - 1 TCP 172.16.8.201:49171 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1486 bytes <-> 1 pkts/1506 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (HAPPYCRAFT.ORG)] - 2 TCP 172.16.8.201:49160 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (HAPPYCRAFT.ORG)] - 3 TCP 172.16.8.201:49176 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (HAPPYCRAFT.ORG)] - 4 TCP 172.16.8.201:49173 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1118 bytes <-> 1 pkts/190 bytes][PLAIN TEXT (HAPPYCRAFT.ORG)] - 5 TCP 172.16.8.201:49194 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/410 bytes <-> 1 pkts/314 bytes] - 6 TCP 172.16.8.201:49193 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/384 bytes <-> 1 pkts/264 bytes] - 7 TCP 172.16.8.201:49191 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/368 bytes <-> 1 pkts/264 bytes] - 8 TCP 172.16.8.201:49157 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] - 9 TCP 172.16.8.201:49166 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] - 10 TCP 172.16.8.201:49181 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (JOHNSON)] - 11 TCP 172.16.8.201:49156 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes] - 12 TCP 172.16.8.201:49174 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes] - 13 TCP 172.16.8.201:49188 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/369 bytes <-> 1 pkts/216 bytes][theresa.johnson (happycraft)][PLAIN TEXT (theresa.johnson)] - 14 TCP 172.16.8.201:49161 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes] - 15 TCP 172.16.8.201:49179 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes] - 16 TCP 172.16.8.201:49180 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes] - 17 TCP 172.16.8.201:49187 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/289 bytes <-> 1 pkts/294 bytes][theresa.johnson (happycraft)][PLAIN TEXT (theresa.johnson)] - 18 TCP 172.16.8.201:49169 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][PLAIN TEXT (PSTUsM)] - 19 TCP 172.16.8.201:49172 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes] - 20 TCP 172.16.8.201:49158 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] - 21 TCP 172.16.8.201:49167 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] - 22 TCP 172.16.8.201:49182 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][johnson-pc (happycraft.org)][PLAIN TEXT (JOHNSON)] - 23 TCP 172.16.8.201:49190 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/271 bytes <-> 1 pkts/244 bytes][PLAIN TEXT (happycraft.org)] - 24 TCP 172.16.8.201:49192 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][PLAIN TEXT (20370913024805Z)] - 25 TCP 172.16.8.201:49195 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][PLAIN TEXT (20370913024805Z)] - 26 TCP 172.16.8.201:49162 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes] - 27 TCP 172.16.8.201:49168 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes] - 28 TCP 172.16.8.201:49159 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes] - 29 TCP 172.16.8.201:49175 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes] - 30 TCP 172.16.8.201:49186 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes] - 31 TCP 172.16.8.201:49170 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/167 bytes <-> 1 pkts/122 bytes] - 32 TCP 172.16.8.201:49183 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/134 bytes <-> 1 pkts/94 bytes] - 33 TCP 172.16.8.201:49189 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/95 bytes <-> 1 pkts/120 bytes][PLAIN TEXT (370913024805Z)] - 34 TCP 172.16.8.201:49196 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/102 bytes][PLAIN TEXT (20370913024805Z)] + 1 TCP 172.16.8.201:49171 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1486 bytes <-> 1 pkts/1506 bytes][Goodput ratio: 96.3/96.4][0.00 sec][johnson-pc (happycraft.org)][PLAIN TEXT (HAPPYCRAFT.ORG)] + 2 TCP 172.16.8.201:49160 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][Goodput ratio: 96.3/96.3][< 1 sec][johnson-pc (happycraft.org)][PLAIN TEXT (HAPPYCRAFT.ORG)] + 3 TCP 172.16.8.201:49176 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][Goodput ratio: 96.3/96.3][0.00 sec][johnson-pc (happycraft.org)][PLAIN TEXT (HAPPYCRAFT.ORG)] + 4 TCP 172.16.8.201:49173 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1118 bytes <-> 1 pkts/190 bytes][Goodput ratio: 95.1/71.2][0.00 sec][PLAIN TEXT (HAPPYCRAFT.ORG)] + 5 TCP 172.16.8.201:49194 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/410 bytes <-> 1 pkts/314 bytes][Goodput ratio: 86.6/82.5][0.00 sec] + 6 TCP 172.16.8.201:49193 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/384 bytes <-> 1 pkts/264 bytes][Goodput ratio: 85.7/79.2][0.00 sec] + 7 TCP 172.16.8.201:49191 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/368 bytes <-> 1 pkts/264 bytes][Goodput ratio: 85.1/79.2][< 1 sec] + 8 TCP 172.16.8.201:49157 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81.3/83.5][< 1 sec][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] + 9 TCP 172.16.8.201:49166 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81.3/83.5][0.00 sec][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] + 10 TCP 172.16.8.201:49181 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81.3/83.5][< 1 sec][johnson-pc (happycraft.org)][PLAIN TEXT (JOHNSON)] + 11 TCP 172.16.8.201:49156 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes][Goodput ratio: 80.5/82.5][0.00 sec] + 12 TCP 172.16.8.201:49174 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes][Goodput ratio: 80.5/82.5][0.00 sec] + 13 TCP 172.16.8.201:49188 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/369 bytes <-> 1 pkts/216 bytes][Goodput ratio: 85.1/74.7][< 1 sec][theresa.johnson (happycraft)][PLAIN TEXT (theresa.johnson)] + 14 TCP 172.16.8.201:49161 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 82.9/79.2][< 1 sec] + 15 TCP 172.16.8.201:49179 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 82.9/79.2][0.00 sec] + 16 TCP 172.16.8.201:49180 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 82.9/79.2][0.00 sec] + 17 TCP 172.16.8.201:49187 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/289 bytes <-> 1 pkts/294 bytes][Goodput ratio: 81.0/81.4][0.00 sec][theresa.johnson (happycraft)][PLAIN TEXT (theresa.johnson)] + 18 TCP 172.16.8.201:49169 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][Goodput ratio: 81.5/79.2][0.00 sec][PLAIN TEXT (PSTUsM)] + 19 TCP 172.16.8.201:49172 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][Goodput ratio: 81.5/79.2][0.00 sec] + 20 TCP 172.16.8.201:49158 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85.3/67.1][0.00 sec][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] + 21 TCP 172.16.8.201:49167 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85.3/67.1][< 1 sec][johnson-pc (happycraft.org)][PLAIN TEXT (johnson)] + 22 TCP 172.16.8.201:49182 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85.3/67.1][< 1 sec][johnson-pc (happycraft.org)][PLAIN TEXT (JOHNSON)] + 23 TCP 172.16.8.201:49190 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/271 bytes <-> 1 pkts/244 bytes][Goodput ratio: 79.8/77.6][0.00 sec][PLAIN TEXT (happycraft.org)] + 24 TCP 172.16.8.201:49192 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][Goodput ratio: 78.5/76.5][0.00 sec][PLAIN TEXT (20370913024805Z)] + 25 TCP 172.16.8.201:49195 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][Goodput ratio: 78.5/76.5][0.00 sec][PLAIN TEXT (20370913024805Z)] + 26 TCP 172.16.8.201:49162 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes][Goodput ratio: 73.6/69.6][0.00 sec] + 27 TCP 172.16.8.201:49168 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes][Goodput ratio: 73.6/69.6][< 1 sec] + 28 TCP 172.16.8.201:49159 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71.4/67.6][< 1 sec] + 29 TCP 172.16.8.201:49175 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71.4/67.6][0.00 sec] + 30 TCP 172.16.8.201:49186 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71.4/67.6][0.00 sec] + 31 TCP 172.16.8.201:49170 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/167 bytes <-> 1 pkts/122 bytes][Goodput ratio: 67.3/55.3][0.00 sec] + 32 TCP 172.16.8.201:49183 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/134 bytes <-> 1 pkts/94 bytes][Goodput ratio: 59.3/42.1][0.00 sec] + 33 TCP 172.16.8.201:49189 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/95 bytes <-> 1 pkts/120 bytes][Goodput ratio: 42.7/54.5][< 1 sec][PLAIN TEXT (370913024805Z)] + 34 TCP 172.16.8.201:49196 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/102 bytes][Goodput ratio: 38.9/46.6][< 1 sec][PLAIN TEXT (20370913024805Z)] Undetected flows: - 1 TCP 172.16.8.201:49165 <-> 172.16.8.8:49155 [proto: 0/Unknown][4 pkts/1382 bytes <-> 2 pkts/624 bytes][bytes ratio: 0.378 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/21492 7163.7/21492.0 21491/21492 10131.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 274/286 345.5/312.0 429/338 72.0/26.0] - 2 TCP 172.16.8.201:49185 <-> 172.16.8.8:49155 [proto: 0/Unknown][2 pkts/687 bytes <-> 1 pkts/338 bytes] + 1 TCP 172.16.8.201:49165 <-> 172.16.8.8:49155 [proto: 0/Unknown][4 pkts/1382 bytes <-> 2 pkts/624 bytes][Goodput ratio: 84.3/82.6][21.49 sec][bytes ratio: 0.378 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/21492 7163.7/21492.0 21491/21492 10131.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 274/286 345.5/312.0 429/338 72.0/26.0] + 2 TCP 172.16.8.201:49185 <-> 172.16.8.8:49155 [proto: 0/Unknown][2 pkts/687 bytes <-> 1 pkts/338 bytes][Goodput ratio: 84.2/83.8][0.00 sec] diff --git a/tests/result/malware.pcap.out b/tests/result/malware.pcap.out index a82fe1a02..dd536f2bc 100644 --- a/tests/result/malware.pcap.out +++ b/tests/result/malware.pcap.out @@ -8,8 +8,8 @@ JA3 Host Stats: 1 192.168.7.7 1 - 1 TCP 192.168.7.7:35236 <-> 67.215.92.210:443 [proto: 91.225/TLS.OpenDNS][cat: Malware/100][11 pkts/1280 bytes <-> 9 pkts/5860 bytes][bytes ratio: -0.641 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71.1/74.8 240/249 99.0/103.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116.4/651.1 571/1514 148.2/644.4][TLSv1.2][Client: www.internetbadguys.com][JA3C: f6ce47303dce394049af395fc6d0bc20][Server: api.opendns.com][JA3S: 0c0aff9ccea5e7e1de5c3a0069d103f3][Organization: OpenDNS, Inc.][Certificate SHA-1: 21:B4:CF:84:13:3A:21:A4:B0:02:63:76:39:84:EA:ED:27:EE:51:7C][Validity: 2018-04-26 00:00:00 - 2020-07-29 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.7.7:48394 <-> 67.215.92.210:80 [proto: 7.225/HTTP.OpenDNS][cat: Malware/100][1 pkts/383 bytes <-> 1 pkts/98 bytes][Host: www.internetbadguys.com][URL: www.internetbadguys.com/][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0][PLAIN TEXT (GET / HTTP/1.1)] - 3 UDP 192.168.7.7:42370 <-> 1.1.1.1:53 [proto: 5/DNS][cat: Malware/100][1 pkts/106 bytes <-> 1 pkts/110 bytes][Host: www.internetbadguys.com][PLAIN TEXT (internetbadguys)] - 4 ICMP 192.168.7.7:0 -> 144.139.247.220:0 [proto: 81/ICMP][cat: Malware/100][1 pkts/98 bytes -> 0 pkts/0 bytes] - 5 TCP 192.168.7.7:33706 -> 144.139.247.220:80 [proto: 7/HTTP][cat: Malware/100][1 pkts/66 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.7.7:35236 <-> 67.215.92.210:443 [proto: 91.225/TLS.OpenDNS][cat: Malware/100][11 pkts/1280 bytes <-> 9 pkts/5860 bytes][Goodput ratio: 52.6/91.2][0.64 sec][bytes ratio: -0.641 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71.1/74.8 240/249 99.0/103.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116.4/651.1 571/1514 148.2/644.4][TLSv1.2][Client: www.internetbadguys.com][JA3C: f6ce47303dce394049af395fc6d0bc20][Server: api.opendns.com][JA3S: 0c0aff9ccea5e7e1de5c3a0069d103f3][Organization: OpenDNS, Inc.][Certificate SHA-1: 21:B4:CF:84:13:3A:21:A4:B0:02:63:76:39:84:EA:ED:27:EE:51:7C][Validity: 2018-04-26 00:00:00 - 2020-07-29 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.7.7:48394 <-> 67.215.92.210:80 [proto: 7.225/HTTP.OpenDNS][cat: Malware/100][1 pkts/383 bytes <-> 1 pkts/98 bytes][Goodput ratio: 85.7/44.4][0.21 sec][Host: www.internetbadguys.com][URL: www.internetbadguys.com/][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0][PLAIN TEXT (GET / HTTP/1.1)] + 3 UDP 192.168.7.7:42370 <-> 1.1.1.1:53 [proto: 5/DNS][cat: Malware/100][1 pkts/106 bytes <-> 1 pkts/110 bytes][Goodput ratio: 59.8/61.3][0.02 sec][Host: www.internetbadguys.com][PLAIN TEXT (internetbadguys)] + 4 ICMP 192.168.7.7:0 -> 144.139.247.220:0 [proto: 81/ICMP][cat: Malware/100][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 56.6/0.0][< 1 sec] + 5 TCP 192.168.7.7:33706 -> 144.139.247.220:80 [proto: 7/HTTP][cat: Malware/100][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/modbus.pcap.out b/tests/result/modbus.pcap.out index 8f8a475c7..bdda2141b 100644 --- a/tests/result/modbus.pcap.out +++ b/tests/result/modbus.pcap.out @@ -1,3 +1,3 @@ Modbus 102 6681 1 - 1 TCP 192.168.110.131:2074 <-> 192.168.110.138:502 [proto: 44/Modbus][cat: Network/14][51 pkts/3366 bytes <-> 51 pkts/3315 bytes][bytes ratio: 0.008 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 477.1/476.9 1073/1074 500.8/501.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/65 66.0/65.0 66/65 0.0/0.0] + 1 TCP 192.168.110.131:2074 <-> 192.168.110.138:502 [proto: 44/Modbus][cat: Network/14][51 pkts/3366 bytes <-> 51 pkts/3315 bytes][Goodput ratio: 18.2/16.9][23.11 sec][bytes ratio: 0.008 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 477.1/476.9 1073/1074 500.8/501.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/65 66.0/65.0 66/65 0.0/0.0] diff --git a/tests/result/monero.pcap.out b/tests/result/monero.pcap.out index bb162a781..e9d786c07 100644 --- a/tests/result/monero.pcap.out +++ b/tests/result/monero.pcap.out @@ -1,4 +1,4 @@ Mining 319 166676 2 - 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][bytes ratio: 0.831 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7234.3/8131.2 71734/71815 15224.1/15290.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 900.3/116.8 1514/376 708.7/98.8][PLAIN TEXT (method)] - 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][bytes ratio: -0.136 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46165.5/51528.3 195463/195463 61020.2/65305.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 185.6/254.9 1498/364 394.9/138.0][PLAIN TEXT (method)] + 1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][Goodput ratio: 92.7/43.5][1091.42 sec][bytes ratio: 0.831 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7234.3/8131.2 71734/71815 15224.1/15290.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 900.3/116.8 1514/376 708.7/98.8][PLAIN TEXT (method)] + 2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][Goodput ratio: 70.2/78.2][1065.16 sec][bytes ratio: -0.136 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46165.5/51528.3 195463/195463 61020.2/65305.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 185.6/254.9 1498/364 394.9/138.0][PLAIN TEXT (method)] diff --git a/tests/result/mpeg.pcap.out b/tests/result/mpeg.pcap.out index 9f9198a73..ee94c2573 100644 --- a/tests/result/mpeg.pcap.out +++ b/tests/result/mpeg.pcap.out @@ -1,3 +1,3 @@ ntop 19 10643 1 - 1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Network/14][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Host: luca.ntop.org][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.4/5.9 77/41 28.4/14.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/68 83.8/988.9 214/1502 46.2/649.2][URL: luca.ntop.org/0.mp3][StatusCode: 200][ContentType: audio/mpeg][UserAgent: Wget/1.16.3 (darwin14.1.0)][PLAIN TEXT (GET /0.mp)] + 1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Network/14][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Goodput ratio: 19.6/93.2][0.18 sec][Host: luca.ntop.org][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.4/5.9 77/41 28.4/14.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/68 83.8/988.9 214/1502 46.2/649.2][URL: luca.ntop.org/0.mp3][StatusCode: 200][ContentType: audio/mpeg][UserAgent: Wget/1.16.3 (darwin14.1.0)][PLAIN TEXT (GET /0.mp)] diff --git a/tests/result/mpegts.pcap.out b/tests/result/mpegts.pcap.out index cda24f643..50f4e3f17 100644 --- a/tests/result/mpegts.pcap.out +++ b/tests/result/mpegts.pcap.out @@ -1,3 +1,3 @@ MPEG_TS 1 1362 1 - 1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes] + 1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes][Goodput ratio: 96.6/0.0][< 1 sec] diff --git a/tests/result/msnms.pcap.out b/tests/result/msnms.pcap.out index 23576bb45..b3baa09d3 100644 --- a/tests/result/msnms.pcap.out +++ b/tests/result/msnms.pcap.out @@ -1,8 +1,8 @@ MSN 364 56503 6 - 1 TCP 192.168.1.14:1208 <-> 207.46.108.83:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7166 bytes <-> 48 pkts/9557 bytes][bytes ratio: -0.143 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 846/212 7349.4/5895.8 44758/28730 8212.0/5167.2][Pkt Len c2s/s2c min/avg/max/stddev: 59/65 166.7/199.1 525/333 60.6/41.0][PLAIN TEXT (ANS 89 jujurius@msn.com 1115371)] - 2 TCP 192.168.1.14:1221 <-> 207.46.108.59:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7062 bytes <-> 40 pkts/7349 bytes][bytes ratio: -0.020 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 204/243 6666.1/6488.1 86912/66364 14190.4/11226.7][Pkt Len c2s/s2c min/avg/max/stddev: 59/78 164.2/183.7 347/320 46.3/53.8][PLAIN TEXT (USR 178 OK jujurius@msn.com Jul)] - 3 TCP 192.168.1.14:1217 <-> 207.46.108.41:1863 [proto: 68/MSN][cat: Web/5][46 pkts/7655 bytes <-> 19 pkts/3761 bytes][bytes ratio: 0.341 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1004/231 6764.1/4683.2 59999/15340 8872.6/3554.6][Pkt Len c2s/s2c min/avg/max/stddev: 59/66 166.4/197.9 551/291 66.0/53.3][PLAIN TEXT (IRO 131 1 1 cecile260992@hotmai)] - 4 TCP 192.168.1.14:1037 <-> 207.46.107.149:1863 [proto: 68/MSN][cat: Web/5][41 pkts/2425 bytes <-> 55 pkts/6426 bytes][bytes ratio: -0.452 (Download)][IAT c2s/s2c min/avg/max/stddev: 11047/159 47968.2/36072.4 131306/50206 17449.5/15622.9][Pkt Len c2s/s2c min/avg/max/stddev: 59/62 59.1/116.8 65/406 0.9/113.0][PLAIN TEXT (RNG 17069658 207.46.108.83)] - 5 TCP 192.168.1.14:1220 <-> 207.46.108.150:1863 [proto: 68/MSN][cat: Web/5][2 pkts/163 bytes <-> 14 pkts/2737 bytes][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/240 0.0/8647.7 0/58353 0.0/15116.5][Pkt Len c2s/s2c min/avg/max/stddev: 59/66 81.5/195.5 104/315 22.5/61.1][PLAIN TEXT (IRO 176 1 1 cecile260992@hotmai)] - 6 TCP 192.168.1.14:1176 -> 207.46.108.39:1863 [proto: 68/MSN][cat: Web/5][13 pkts/2202 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 334/0 9562.2/0.0 59851/0 15958.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 59/0 169.4/0.0 427/0 78.7/0.0][PLAIN TEXT (MSG 77 U 89)] + 1 TCP 192.168.1.14:1208 <-> 207.46.108.83:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7166 bytes <-> 48 pkts/9557 bytes][Goodput ratio: 67.6/72.9][521.13 sec][bytes ratio: -0.143 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 846/212 7349.4/5895.8 44758/28730 8212.0/5167.2][Pkt Len c2s/s2c min/avg/max/stddev: 59/65 166.7/199.1 525/333 60.6/41.0][PLAIN TEXT (ANS 89 jujurius@msn.com 1115371)] + 2 TCP 192.168.1.14:1221 <-> 207.46.108.59:1863 [proto: 68/MSN][cat: Web/5][43 pkts/7062 bytes <-> 40 pkts/7349 bytes][Goodput ratio: 67.1/70.6][521.81 sec][bytes ratio: -0.020 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 204/243 6666.1/6488.1 86912/66364 14190.4/11226.7][Pkt Len c2s/s2c min/avg/max/stddev: 59/78 164.2/183.7 347/320 46.3/53.8][PLAIN TEXT (USR 178 OK jujurius@msn.com Jul)] + 3 TCP 192.168.1.14:1217 <-> 207.46.108.41:1863 [proto: 68/MSN][cat: Web/5][46 pkts/7655 bytes <-> 19 pkts/3761 bytes][Goodput ratio: 67.5/72.7][333.85 sec][bytes ratio: 0.341 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1004/231 6764.1/4683.2 59999/15340 8872.6/3554.6][Pkt Len c2s/s2c min/avg/max/stddev: 59/66 166.4/197.9 551/291 66.0/53.3][PLAIN TEXT (IRO 131 1 1 cecile260992@hotmai)] + 4 TCP 192.168.1.14:1037 <-> 207.46.107.149:1863 [proto: 68/MSN][cat: Web/5][41 pkts/2425 bytes <-> 55 pkts/6426 bytes][Goodput ratio: 8.7/53.8][1955.26 sec][bytes ratio: -0.452 (Download)][IAT c2s/s2c min/avg/max/stddev: 11047/159 47968.2/36072.4 131306/50206 17449.5/15622.9][Pkt Len c2s/s2c min/avg/max/stddev: 59/62 59.1/116.8 65/406 0.9/113.0][PLAIN TEXT (RNG 17069658 207.46.108.83)] + 5 TCP 192.168.1.14:1220 <-> 207.46.108.150:1863 [proto: 68/MSN][cat: Web/5][2 pkts/163 bytes <-> 14 pkts/2737 bytes][Goodput ratio: 33.5/72.4][168.98 sec][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/240 0.0/8647.7 0/58353 0.0/15116.5][Pkt Len c2s/s2c min/avg/max/stddev: 59/66 81.5/195.5 104/315 22.5/61.1][PLAIN TEXT (IRO 176 1 1 cecile260992@hotmai)] + 6 TCP 192.168.1.14:1176 -> 207.46.108.39:1863 [proto: 68/MSN][cat: Web/5][13 pkts/2202 bytes -> 0 pkts/0 bytes][Goodput ratio: 68.1/0.0][110.19 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 334/0 9562.2/0.0 59851/0 15958.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 59/0 169.4/0.0 427/0 78.7/0.0][PLAIN TEXT (MSG 77 U 89)] diff --git a/tests/result/mssql_tds.pcap.out b/tests/result/mssql_tds.pcap.out index 347cb1aab..1fba07455 100644 --- a/tests/result/mssql_tds.pcap.out +++ b/tests/result/mssql_tds.pcap.out @@ -1,14 +1,14 @@ MsSQL-TDS 38 16260 12 - 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 393/0 1245.3/0.0 1514/0 435.7/0.0] - 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes][bytes ratio: 0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 31/28 866.9/1024.0 1890/2071 763.3/864.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/88 155.2/217.3 307/492 89.6/168.6][PLAIN TEXT (first )] - 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes] - 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes] - 5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes] - 6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes] - 7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes] - 8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes][PLAIN TEXT (ABCDEFGHIJKLMNOPQ)] - 9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes] - 10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes] - 11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes] - 12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes] + 1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes][Goodput ratio: 95.7/0.0][< 1 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 393/0 1245.3/0.0 1514/0 435.7/0.0] + 2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes][Goodput ratio: 64.0/75.1][7.22 sec][bytes ratio: 0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 31/28 866.9/1024.0 1890/2071 763.3/864.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/88 155.2/217.3 307/492 89.6/168.6][PLAIN TEXT (first )] + 3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes][Goodput ratio: 78.4/74.7][0.14 sec] + 4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes][Goodput ratio: 95.2/0.0][< 1 sec] + 5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.1/0.0][< 1 sec] + 6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes][Goodput ratio: 85.3/0.0][< 1 sec] + 7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes][Goodput ratio: 83.0/0.0][< 1 sec] + 8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.9/0.0][< 1 sec][PLAIN TEXT (ABCDEFGHIJKLMNOPQ)] + 9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes][Goodput ratio: 78.3/0.0][< 1 sec] + 10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 77.1/0.0][< 1 sec] + 11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes][Goodput ratio: 44.4/23.6][< 1 sec] + 12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 61.5/0.0][< 1 sec] diff --git a/tests/result/nest_log_sink.pcap.out b/tests/result/nest_log_sink.pcap.out index 200a8311a..c8cbf739e 100644 --- a/tests/result/nest_log_sink.pcap.out +++ b/tests/result/nest_log_sink.pcap.out @@ -1,17 +1,17 @@ DNS 15 1612 1 NestLogSink 759 116848 13 - 1 TCP 192.168.242.15:63342 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][37 pkts/14650 bytes <-> 35 pkts/4115 bytes][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 4/0 142.2/150.2 1347/1490 250.6/289.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 395.9/117.6 585/733 191.9/107.5][PLAIN TEXT (05CA02AC4414028)] - 2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 131.6/134.1 1166/1477 228.8/290.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 405.9/117.5 584/732 185.3/107.3][PLAIN TEXT (05CA02AC4414028)] - 3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][bytes ratio: 0.520 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/0 163.8/174.5 1319/1484 293.5/350.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 369.2/121.5 584/733 204.4/129.6][PLAIN TEXT (05CA02AC4414028)] - 4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][bytes ratio: 0.515 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 157.7/169.4 1167/1475 265.8/349.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 364.6/121.5 584/732 204.5/129.4][PLAIN TEXT (05CA02AC4414028)] - 5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/16 33934.9/28186.7 60073/60075 29484.2/29644.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 92.5/91.0 585/731 96.8/125.8][PLAIN TEXT (05CA02AC4414028)] - 6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/17 33170.0/30242.3 60184/60262 29629.6/29816.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 97.9/95.5 586/730 105.0/136.5][PLAIN TEXT (05CA02AC4414028)] - 7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27923.8/26021.8 60088/60136 29300.8/29455.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 107.5/105.6 585/731 114.0/150.6][PLAIN TEXT (05CA02AC4414028)] - 8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649.0/24894.2 60122/60151 29303.3/29368.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116.2/126.7 584/732 117.5/180.8][PLAIN TEXT (05CA02AC4414028)] - 9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10959.9/13629.3 60124/60155 21488.4/24847.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 147.5/178.5 585/731 137.0/222.5][PLAIN TEXT (05CA02AC4414028)] - 10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827.0/40755.2 60071/60122 27934.1/27879.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61.3/54.0 116/54 8.5/0.0] - 11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][bytes ratio: 0.297 (Upload)][IAT c2s/s2c min/avg/max/stddev: 61/0 640.5/729.1 2711/3410 865.2/1201.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 233.2/138.9 584/732 216.6/199.2][PLAIN TEXT (05CA02AC4414028)] - 12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 63/0 341.6/348.9 1182/1489 362.6/517.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198.3/139.0 586/733 195.5/199.5][PLAIN TEXT (05CA02AC4414028)] - 13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 70/0 321.0/347.6 1162/1502 365.5/527.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198.3/138.9 586/732 195.5/199.2][PLAIN TEXT (05CA02AC4414028)] - 14 UDP 192.168.242.15:52849 <-> 192.168.242.1:53 [proto: 5/DNS][cat: Network/14][8 pkts/713 bytes <-> 7 pkts/899 bytes][Host: weave-logsink.nest.com][bytes ratio: -0.115 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/4311 596403.3/515880.4 1795476/1795277 670695.5/701384.1][Pkt Len c2s/s2c min/avg/max/stddev: 82/98 89.1/128.4 101/169 9.2/35.1][PLAIN TEXT (logsink)] + 1 TCP 192.168.242.15:63342 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][37 pkts/14650 bytes <-> 35 pkts/4115 bytes][Goodput ratio: 86.1/54.0][4.71 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 4/0 142.2/150.2 1347/1490 250.6/289.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 395.9/117.6 585/733 191.9/107.5][PLAIN TEXT (05CA02AC4414028)] + 2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][Goodput ratio: 86.4/53.9][4.14 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 131.6/134.1 1166/1477 228.8/290.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 405.9/117.5 584/732 185.3/107.3][PLAIN TEXT (05CA02AC4414028)] + 3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][Goodput ratio: 85.0/55.4][3.56 sec][bytes ratio: 0.520 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/0 163.8/174.5 1319/1484 293.5/350.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 369.2/121.5 584/733 204.4/129.6][PLAIN TEXT (05CA02AC4414028)] + 4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][Goodput ratio: 84.8/55.4][3.42 sec][bytes ratio: 0.515 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 157.7/169.4 1167/1475 265.8/349.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 364.6/121.5 584/732 204.5/129.4][PLAIN TEXT (05CA02AC4414028)] + 5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][Goodput ratio: 36.1/40.5][1799.54 sec][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/16 33934.9/28186.7 60073/60075 29484.2/29644.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 92.5/91.0 585/731 96.8/125.8][PLAIN TEXT (05CA02AC4414028)] + 6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][Goodput ratio: 39.7/43.3][1508.66 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/17 33170.0/30242.3 60184/60262 29629.6/29816.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 97.9/95.5 586/730 105.0/136.5][PLAIN TEXT (05CA02AC4414028)] + 7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][Goodput ratio: 45.4/48.7][1042.88 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27923.8/26021.8 60088/60136 29300.8/29455.1][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 107.5/105.6 585/731 114.0/150.6][PLAIN TEXT (05CA02AC4414028)] + 8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][Goodput ratio: 49.8/57.2][602.97 sec][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649.0/24894.2 60122/60151 29303.3/29368.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116.2/126.7 584/732 117.5/180.8][PLAIN TEXT (05CA02AC4414028)] + 9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][Goodput ratio: 61.1/69.6][153.64 sec][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10959.9/13629.3 60124/60155 21488.4/24847.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 147.5/178.5 585/731 137.0/222.5][PLAIN TEXT (05CA02AC4414028)] + 10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2.4/0.0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827.0/40755.2 60071/60122 27934.1/27879.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61.3/54.0 116/54 8.5/0.0] + 11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 75.6/60.8][5.29 sec][bytes ratio: 0.297 (Upload)][IAT c2s/s2c min/avg/max/stddev: 61/0 640.5/729.1 2711/3410 865.2/1201.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 233.2/138.9 584/732 216.6/199.2][PLAIN TEXT (05CA02AC4414028)] + 12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][Goodput ratio: 71.2/60.8][2.81 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 63/0 341.6/348.9 1182/1489 362.6/517.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198.3/139.0 586/733 195.5/199.5][PLAIN TEXT (05CA02AC4414028)] + 13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 71.2/60.8][2.65 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 70/0 321.0/347.6 1162/1502 365.5/527.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198.3/138.9 586/732 195.5/199.2][PLAIN TEXT (05CA02AC4414028)] + 14 UDP 192.168.242.15:52849 <-> 192.168.242.1:53 [proto: 5/DNS][cat: Network/14][8 pkts/713 bytes <-> 7 pkts/899 bytes][Goodput ratio: 52.8/67.2][3600.37 sec][Host: weave-logsink.nest.com][bytes ratio: -0.115 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/4311 596403.3/515880.4 1795476/1795277 670695.5/701384.1][Pkt Len c2s/s2c min/avg/max/stddev: 82/98 89.1/128.4 101/169 9.2/35.1][PLAIN TEXT (logsink)] diff --git a/tests/result/netflix.pcap.out b/tests/result/netflix.pcap.out index 755c76a9b..f36cefc2a 100644 --- a/tests/result/netflix.pcap.out +++ b/tests/result/netflix.pcap.out @@ -9,64 +9,64 @@ JA3 Host Stats: 1 192.168.1.7 4 - 1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Host: 23.246.11.141][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.1/21.3 522/505 50.6/40.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 75.7/1500.3 584/1514 68.6/116.2][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL2)] - 2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Host: 23.246.3.140][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117.0/55.1 5026/5044 455.1/247.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 80.3/1493.7 581/1514 81.4/139.9][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL)] - 3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Host: 23.246.11.133][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 193.6/107.2 26359/26393 1829.1/1320.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79.1/1487.1 582/1514 78.6/167.2][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL1)] - 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Host: tp.akam.nflximg.com][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 418.0/45.1 30607/2159 2956.1/164.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78.6/1498.7 282/1514 20.9/140.2][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][ContentType: text/plain][UserAgent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)] - 5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1183.5/604.0 69170/69192 8779.7/6263.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87.0/1379.1 293/1514 38.8/401.2][TLSv1.2][Client: art-s.nflximg.net][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: secure.cdn.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Organization: Netflix, Inc.][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] - 6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Host: 23.246.11.141][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 89.7/58.1 504/714 130.2/108.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 88.1/1463.8 582/1514 100.4/228.0][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL2)] - 7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Host: art-2.nflximg.net][bytes ratio: -0.947 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/12 1100.9/41.1 30978/402 5646.5/66.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.3/1455.7 311/1514 38.3/273.5][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /5758)] - 8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 743.5/738.5 30450/30505 3962.3/4074.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 413.7/588.1 1514/1514 553.3/593.8][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][bytes ratio: 0.727 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1378.0/2893.2 51181/51242 8187.7/11726.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1091.7/317.7 1514/1514 614.5/491.5][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2040 bytes <-> 34 pkts/45136 bytes][bytes ratio: -0.914 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 76.6/61.8 638/579 155.4/121.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.0/1327.5 422/1514 70.8/457.1][URL: 23.246.10.139/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-djGXIcbFBNzyfugqEWcrgtCpyY&random=34073607][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/2 70.5/47.3 708/633 170.8/120.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 89.0/1327.6 420/1514 74.7/456.9][URL: 23.246.3.140/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4&random=357509657][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Host: art-2.nflximg.net][bytes ratio: -0.877 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 424.7/42.9 3643/161 850.2/34.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93.3/1378.5 312/1514 58.6/421.3][URL: art-2.nflximg.net/af7a5/362643424e775d0393ddb46e145c2375367af7a5.webp][StatusCode: 200][ContentType: image/webp][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /af)] - 13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 52.7/51.8 354/582 86.6/111.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87.0/1349.3 422/1514 75.3/442.6][URL: 23.246.11.145/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=5xfYVtna3GdYXL71uNs6DZ-X84Y&random=39307082][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640.5/1231.6 30390/30443 6288.1/5475.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 210.9/964.4 1514/1514 376.2/637.4][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Host: art-1.nflximg.net][bytes ratio: -0.942 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 27.5/35.1 45/81 10.3/18.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101.8/1414.4 311/1514 64.1/365.9][URL: art-1.nflximg.net/8b1fa/eaa1b78cd72ca4dbdcab527691d2fcab37c8b1fa.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /8b)] - 16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][bytes ratio: -0.871 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 267.2/77.0 1392/465 371.7/115.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83.7/1294.6 424/1514 62.8/489.1][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJiXLBugGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPflHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JqTg0NiANIn4-aRwn3uKtWdoQ7M&random=114897][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (czGET /range/0)] - 17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Host: art-1.nflximg.net][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 166.5/93.7 1389/1416 393.8/299.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97.4/1336.5 311/1514 80.8/428.1][URL: art-1.nflximg.net/4e36d/6289889020d6cc6dfb3038c35564a41e1ca4e36d.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /4e)] - 18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Host: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092.2/20.9 30728/135 9212.0/28.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241.7/1136.3 1514/1514 404.6/584.3][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 200][ContentType: application/x-msl+json][UserAgent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /appboot/NFAPPL)] - 19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][bytes ratio: -0.833 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 253.5/199.3 1162/1131 295.3/282.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.8/1202.6 424/1514 61.0/563.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJZ2VKhqgGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzTho_flHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=LQ7LyXSnZaXKEHAHaRRHk-S7dKE&random=420981][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/4 245.2/164.8 985/775 248.3/180.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.0/1202.6 423/1514 71.0/563.7][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJZ2bLBChGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_ngHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=SixKQmLLJNvShj-pfML-2h4QaqQ&random=727666][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/4 264.6/325.6 1355/1382 336.5/386.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.9/1274.6 423/1514 62.5/516.6][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8&random=323765][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48.2/42.4 437/291 100.9/61.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290.2/895.3 1514/1514 441.6/626.2][TLSv1.2][Client: api-global.netflix.com][JA3C: d8bfad189bd26664e04570c104ee8418][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][bytes ratio: -0.824 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 247.8/270.5 635/1046 213.2/317.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 80.4/1159.2 426/1514 62.4/602.9][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQIpyTIBGjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_biCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=8Z78vL2i9OzihCA3M1LinMYcMY4&random=2386][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (fGET /range/0)] - 24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/4 258.1/237.1 1250/1203 330.7/380.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84.2/1212.1 424/1514 58.1/550.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo&random=413473][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][bytes ratio: -0.798 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168.5/222.6 1162/1317 246.3/336.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84.2/1212.2 426/1514 60.5/550.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJ5yTLBCkGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_3mCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=r5jtnnEcR8hDCkPImfEiWqWAjKk&random=1846][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][bytes ratio: -0.818 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 297.7/146.2 1317/530 354.0/131.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85.1/1159.5 423/1514 63.5/589.6][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJmULRajGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpfblHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=zezrDJDQvgO2TiYC1dT3imH4QC8&random=169467][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 47.7/84.3 332/331 94.1/94.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 810.9/308.7 1514/1514 699.9/492.9][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.9/32.9 266/316 64.3/69.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237.4/739.0 1514/1514 406.7/541.9][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 222.2/250.0 636/1132 227.5/336.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83.4/1180.4 424/1514 58.9/569.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJpmQIRekGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThrvnlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=mQfOf90-RY2Gd2ii20KJpCcYQVk&random=134564][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][bytes ratio: -0.772 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238.4/289.2 1152/1208 301.3/406.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 84.7/1118.7 425/1514 60.1/613.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQLJ2TIBepGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPbiCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=tTXu3c6FnJtfi6z0IJp3hw8eDv8&random=1294][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 254.8/290.4 811/1178 266.6/325.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87.0/1121.1 424/1514 63.5/610.6][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10&random=247333][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] - 32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46.4/54.5 282/127 72.4/34.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 485.7/490.6 1514/1514 602.5/610.3][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Host: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877.0/42.1 31088/123 8921.3/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714.4/500.3 1514/1514 676.3/651.2][URL: api-global.netflix.com/msl/nrdjs/2.1.2][StatusCode: 200][ContentType: application/x-msl+json][UserAgent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)] - 34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64.7/96.0 322/423 89.1/120.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314.5/696.8 1514/1514 477.1/667.4][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129.1/2946.1 30585/30636 7105.0/8237.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274.0/414.4 1514/1514 437.3/546.1][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Host: art-2.nflximg.net][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4565.4/33.9 30963/63 10780.3/17.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94.1/1119.8 311/1514 72.5/643.7][URL: art-2.nflximg.net/87b33/bed1223a0040fdc97bac4e906332e462c6e87b33.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /87)] - 37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923.1/15.8 30431/72 7360.8/24.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382.0/327.2 1514/1514 559.0/501.4][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017.3/13.7 30033/55 7487.5/20.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399.4/342.7 1514/1514 568.6/514.1][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.9/303.2 2449/2522 644.8/743.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325.2/386.1 1514/1514 478.5/534.2][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.1/31.0 85/65 31.5/27.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430.4/507.4 1514/1514 532.6/591.2][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820.1/45.2 30348/363 7132.3/102.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145.3/389.6 422/1514 131.7/519.8][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24.0/21.7 72/63 26.2/24.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222.1/465.4 1514/1514 382.1/579.1][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 28.6/22.0 143/79 42.9/28.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253.4/423.0 1514/1514 421.8/511.9][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373.2/20.4 30602/58 8149.0/25.9][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 103.6/417.1 309/1514 78.3/548.0][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26.1/20.2 92/54 34.4/21.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283.0/354.9 1450/1066 419.0/412.7][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064.5/6120.4 30486/30536 9140.5/12207.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 107.8/215.4 309/989 83.5/296.5][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588.2/0.0 14907/0 6546.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 165.5/0.0 167/0 1.5/0.0][PLAIN TEXT (SEARCH )] - 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] - 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] - 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] - 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Host: ichnaea.geo.netflix.com][PLAIN TEXT (ichnaea)] - 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com][PLAIN TEXT (global)] - 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Host: api-global.latency.prodaa.netflix.com][PLAIN TEXT (global)] - 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Host: ichnaea.us-west-2.prodaa.netflix.com][PLAIN TEXT (ichnaea)] - 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Host: appboot.netflix.com][PLAIN TEXT (appboot)] - 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Host: artwork.akam.nflximg.net][PLAIN TEXT (artwork)] - 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Host: sha2.san.akam.nflximg.net][PLAIN TEXT (akamaiedge)] - 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Host: a1907.dscg.akamai.net][PLAIN TEXT (akamai)] - 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Host: a803.dscg.akamai.net][PLAIN TEXT (akamai)] - 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/TLS.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes] - 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Goodput ratio: 12.3/95.6][26.40 sec][Host: 23.246.11.141][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.1/21.3 522/505 50.6/40.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 75.7/1500.3 584/1514 68.6/116.2][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL2)] + 2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Goodput ratio: 16.5/95.6][53.10 sec][Host: 23.246.3.140][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117.0/55.1 5026/5044 455.1/247.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 80.3/1493.7 581/1514 81.4/139.9][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL)] + 3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Goodput ratio: 15.6/95.6][46.97 sec][Host: 23.246.11.133][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 193.6/107.2 26359/26393 1829.1/1320.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79.1/1487.1 582/1514 78.6/167.2][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL1)] + 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Goodput ratio: 1.9/95.6][59.61 sec][Host: tp.akam.nflximg.com][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 418.0/45.1 30607/2159 2956.1/164.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78.6/1498.7 282/1514 20.9/140.2][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][ContentType: text/plain][UserAgent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)] + 5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][Goodput ratio: 19.7/95.2][73.78 sec][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1183.5/604.0 69170/69192 8779.7/6263.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87.0/1379.1 293/1514 38.8/401.2][TLSv1.2][Client: art-s.nflximg.net][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: secure.cdn.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Organization: Netflix, Inc.][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] + 6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Goodput ratio: 23.3/95.5][6.10 sec][Host: 23.246.11.141][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 89.7/58.1 504/714 130.2/108.5][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 88.1/1463.8 582/1514 100.4/228.0][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][ContentType: ][UserAgent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][PLAIN TEXT (oMrLRiWL2)] + 7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Goodput ratio: 7.2/95.5][34.92 sec][Host: art-2.nflximg.net][bytes ratio: -0.947 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/12 1100.9/41.1 30978/402 5646.5/66.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.3/1455.7 311/1514 38.3/273.5][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /5758)] + 8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][Goodput ratio: 84.0/88.8][47.10 sec][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 743.5/738.5 30450/30505 3962.3/4074.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 413.7/588.1 1514/1514 553.3/593.8][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][Goodput ratio: 93.9/78.5][53.21 sec][bytes ratio: 0.727 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1378.0/2893.2 51181/51242 8187.7/11726.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1091.7/317.7 1514/1514 614.5/491.5][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2040 bytes <-> 34 pkts/45136 bytes][Goodput ratio: 17.4/95.0][1.88 sec][bytes ratio: -0.914 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 76.6/61.8 638/579 155.4/121.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.0/1327.5 422/1514 70.8/457.1][URL: 23.246.10.139/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-djGXIcbFBNzyfugqEWcrgtCpyY&random=34073607][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][Goodput ratio: 18.9/95.0][2.09 sec][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/2 70.5/47.3 708/633 170.8/120.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 89.0/1327.6 420/1514 74.7/456.9][URL: 23.246.3.140/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4&random=357509657][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Goodput ratio: 17.0/95.2][42.46 sec][Host: art-2.nflximg.net][bytes ratio: -0.877 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 424.7/42.9 3643/161 850.2/34.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93.3/1378.5 312/1514 58.6/421.3][URL: art-2.nflximg.net/af7a5/362643424e775d0393ddb46e145c2375367af7a5.webp][StatusCode: 200][ContentType: image/webp][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /af)] + 13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][Goodput ratio: 19.5/95.1][1.58 sec][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 52.7/51.8 354/582 86.6/111.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87.0/1349.3 422/1514 75.3/442.6][URL: 23.246.11.145/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=5xfYVtna3GdYXL71uNs6DZ-X84Y&random=39307082][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 68.7/93.1][38.50 sec][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640.5/1231.6 30390/30443 6288.1/5475.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 210.9/964.4 1514/1514 376.2/637.4][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Goodput ratio: 20.0/95.3][1.39 sec][Host: art-1.nflximg.net][bytes ratio: -0.942 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 27.5/35.1 45/81 10.3/18.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101.8/1414.4 311/1514 64.1/365.9][URL: art-1.nflximg.net/8b1fa/eaa1b78cd72ca4dbdcab527691d2fcab37c8b1fa.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /8b)] + 16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][Goodput ratio: 13.8/94.9][7.33 sec][bytes ratio: -0.871 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 267.2/77.0 1392/465 371.7/115.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83.7/1294.6 424/1514 62.8/489.1][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJiXLBugGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPflHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JqTg0NiANIn4-aRwn3uKtWdoQ7M&random=114897][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (czGET /range/0)] + 17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Goodput ratio: 31.4/95.0][2.07 sec][Host: art-1.nflximg.net][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 166.5/93.7 1389/1416 393.8/299.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97.4/1336.5 311/1514 80.8/428.1][URL: art-1.nflximg.net/4e36d/6289889020d6cc6dfb3038c35564a41e1ca4e36d.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /4e)] + 18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72.0/94.2][31.31 sec][Host: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092.2/20.9 30728/135 9212.0/28.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241.7/1136.3 1514/1514 404.6/584.3][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 200][ContentType: application/x-msl+json][UserAgent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /appboot/NFAPPL)] + 19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 13.1/94.5][7.16 sec][bytes ratio: -0.833 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 253.5/199.3 1162/1131 295.3/282.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.8/1202.6 424/1514 61.0/563.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJZ2VKhqgGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzTho_flHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=LQ7LyXSnZaXKEHAHaRRHk-S7dKE&random=420981][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 17.5/94.5][5.93 sec][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/4 245.2/164.8 985/775 248.3/180.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.0/1202.6 423/1514 71.0/563.7][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJZ2bLBChGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_ngHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=SixKQmLLJNvShj-pfML-2h4QaqQ&random=727666][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][Goodput ratio: 13.9/94.8][7.15 sec][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/4 264.6/325.6 1355/1382 336.5/386.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.9/1274.6 423/1514 62.5/516.6][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8&random=323765][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 76.7/92.6][1.73 sec][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48.2/42.4 437/291 100.9/61.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290.2/895.3 1514/1514 441.6/626.2][TLSv1.2][Client: api-global.netflix.com][JA3C: d8bfad189bd26664e04570c104ee8418][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][Goodput ratio: 14.0/94.3][7.05 sec][bytes ratio: -0.824 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 247.8/270.5 635/1046 213.2/317.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 80.4/1159.2 426/1514 62.4/602.9][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQIpyTIBGjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_biCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=8Z78vL2i9OzihCA3M1LinMYcMY4&random=2386][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (fGET /range/0)] + 24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][Goodput ratio: 11.8/94.5][8.05 sec][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/4 258.1/237.1 1250/1203 330.7/380.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84.2/1212.1 424/1514 58.1/550.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo&random=413473][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][Goodput ratio: 12.6/94.5][5.76 sec][bytes ratio: -0.798 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168.5/222.6 1162/1317 246.3/336.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84.2/1212.2 426/1514 60.5/550.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJ5yTLBCkGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_3mCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=r5jtnnEcR8hDCkPImfEiWqWAjKk&random=1846][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][Goodput ratio: 14.0/94.3][7.56 sec][bytes ratio: -0.818 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 297.7/146.2 1317/530 354.0/131.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85.1/1159.5 423/1514 63.5/589.6][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJmULRajGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpfblHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=zezrDJDQvgO2TiYC1dT3imH4QC8&random=169467][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 91.9/78.0][32.21 sec][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 47.7/84.3 332/331 94.1/94.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 810.9/308.7 1514/1514 699.9/492.9][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72.0/91.0][0.86 sec][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.9/32.9 266/316 64.3/69.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237.4/739.0 1514/1514 406.7/541.9][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][Goodput ratio: 12.3/94.4][7.38 sec][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 222.2/250.0 636/1132 227.5/336.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83.4/1180.4 424/1514 58.9/569.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJpmQIRekGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThrvnlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=mQfOf90-RY2Gd2ii20KJpCcYQVk&random=134564][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][Goodput ratio: 12.5/94.1][8.26 sec][bytes ratio: -0.772 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238.4/289.2 1152/1208 301.3/406.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 84.7/1118.7 425/1514 60.1/613.7][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQLJ2TIBepGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPbiCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=tTXu3c6FnJtfi6z0IJp3hw8eDv8&random=1294][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][Goodput ratio: 13.7/94.1][7.09 sec][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 254.8/290.4 811/1178 266.6/325.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87.0/1121.1 424/1514 63.5/610.6][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10&random=247333][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /range/0)] + 32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86.5/86.4][0.92 sec][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46.4/54.5 282/127 72.4/34.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 485.7/490.6 1514/1514 602.5/610.3][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 90.6/86.7][31.72 sec][Host: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877.0/42.1 31088/123 8921.3/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714.4/500.3 1514/1514 676.3/651.2][URL: api-global.netflix.com/msl/nrdjs/2.1.2][StatusCode: 200][ContentType: application/x-msl+json][UserAgent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)] + 34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79.0/90.4][1.01 sec][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64.7/96.0 322/423 89.1/120.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314.5/696.8 1514/1514 477.1/667.4][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 75.9/84.0][38.49 sec][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129.1/2946.1 30585/30636 7105.0/8237.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274.0/414.4 1514/1514 437.3/546.1][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Goodput ratio: 26.0/94.0][32.06 sec][Host: art-2.nflximg.net][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4565.4/33.9 30963/63 10780.3/17.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94.1/1119.8 311/1514 72.5/643.7][URL: art-2.nflximg.net/87b33/bed1223a0040fdc97bac4e906332e462c6e87b33.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /87)] + 37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 82.7/79.7][30.85 sec][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923.1/15.8 30431/72 7360.8/24.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382.0/327.2 1514/1514 559.0/501.4][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83.5/80.6][30.38 sec][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017.3/13.7 30033/55 7487.5/20.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399.4/342.7 1514/1514 568.6/514.1][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 79.7/82.7][3.15 sec][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.9/303.2 2449/2522 644.8/743.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325.2/386.1 1514/1514 478.5/534.2][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84.4/86.8][0.34 sec][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.1/31.0 85/65 31.5/27.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430.4/507.4 1514/1514 532.6/591.2][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 54.6/82.9][31.02 sec][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820.1/45.2 30348/363 7132.3/102.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145.3/389.6 422/1514 131.7/519.8][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70.3/85.6][0.32 sec][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24.0/21.7 72/63 26.2/24.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222.1/465.4 1514/1514 382.1/579.1][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][Server: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-01 12:30:00 - 2029-01-01 12:30:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 73.9/84.2][30.77 sec][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 28.6/22.0 143/79 42.9/28.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253.4/423.0 1514/1514 421.8/511.9][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36.2/84.0][30.93 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373.2/20.4 30602/58 8149.0/25.9][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 103.6/417.1 309/1514 78.3/548.0][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][Server: api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Netflix, Inc.][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76.2/81.0][0.21 sec][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26.1/20.2 92/54 34.4/21.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283.0/354.9 1450/1066 419.0/412.7][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 38.8/68.9][30.71 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064.5/6120.4 30486/30536 9140.5/12207.8][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 107.8/215.4 309/989 83.5/296.5][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][Goodput ratio: 74.6/0.0][79.13 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588.2/0.0 14907/0 6546.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 165.5/0.0 167/0 1.5/0.0][PLAIN TEXT (SEARCH )] + 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47.2/86.9][0.02 sec][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] + 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47.2/86.9][0.04 sec][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] + 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Goodput ratio: 46.9/88.4][0.04 sec][Host: ios.nccp.netflix.com][PLAIN TEXT (netflix)] + 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Goodput ratio: 48.8/82.7][0.02 sec][Host: ichnaea.geo.netflix.com][PLAIN TEXT (ichnaea)] + 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56.1/81.0][0.02 sec][Host: api-global.latency.prodaa.netflix.com][PLAIN TEXT (global)] + 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56.1/81.0][0.03 sec][Host: api-global.latency.prodaa.netflix.com][PLAIN TEXT (global)] + 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Goodput ratio: 55.7/80.9][0.00 sec][Host: ichnaea.us-west-2.prodaa.netflix.com][PLAIN TEXT (ichnaea)] + 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Goodput ratio: 46.3/77.7][0.02 sec][Host: appboot.netflix.com][PLAIN TEXT (appboot)] + 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Goodput ratio: 49.4/71.1][0.01 sec][Host: artwork.akam.nflximg.net][PLAIN TEXT (artwork)] + 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50.0/68.8][0.02 sec][Host: sha2.san.akam.nflximg.net][PLAIN TEXT (akamaiedge)] + 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 47.6/62.3][0.02 sec][Host: a1907.dscg.akamai.net][PLAIN TEXT (akamai)] + 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 46.9/61.9][0.02 sec][Host: a803.dscg.akamai.net][PLAIN TEXT (akamai)] + 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/TLS.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][14.20 sec] + 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/netflowv9.pcap.out b/tests/result/netflowv9.pcap.out index 9f6f3080a..474202e3b 100644 --- a/tests/result/netflowv9.pcap.out +++ b/tests/result/netflowv9.pcap.out @@ -1,3 +1,3 @@ NetFlow 10 13888 1 - 1 UDP 192.168.2.134:48629 -> 192.168.2.222:2057 [proto: 128/NetFlow][cat: Network/14][10 pkts/13888 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 1362/0 1388.8/0.0 1418/0 23.1/0.0] + 1 UDP 192.168.2.134:48629 -> 192.168.2.222:2057 [proto: 128/NetFlow][cat: Network/14][10 pkts/13888 bytes -> 0 pkts/0 bytes][Goodput ratio: 97.0/0.0][0.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 1362/0 1388.8/0.0 1418/0 23.1/0.0] diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out index 351a58f7c..98bd3f2e8 100644 --- a/tests/result/nintendo.pcap.out +++ b/tests/result/nintendo.pcap.out @@ -7,24 +7,24 @@ JA3 Host Stats: 1 192.168.12.114 1 - 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.7/17.0 311/242 43.9/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 363.4/454.2 886/886 191.2/117.7][PLAIN TEXT (pluHnq)] - 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][bytes ratio: 0.812 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 45.1/77.1 607/506 66.0/116.9][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 396.2/143.6 1254/886 210.0/128.5] - 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][bytes ratio: 0.796 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40.3/75.5 313/318 40.4/84.4][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 381.0/138.6 886/886 192.7/123.7][PLAIN TEXT (FutwCa)] - 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/TLS.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728.2/1409.1 14019/13944 2635.6/3582.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131.4/201.1 400/983 85.6/219.4] - 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65.1/53.9 287/250 89.4/81.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263.5/486.5 1414/1414 387.3/570.3][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][Server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Nintendo Co., Ltd.][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57.4/47.4 243/198 75.9/64.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283.3/486.6 1414/1414 400.9/570.5][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][Server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Nintendo Co., Ltd.][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][bytes ratio: -0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 231.7/88.7 514/507 225.4/142.2][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 116.6/213.0 230/854 27.1/243.3] - 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/58 118.7/111.0 274/242 88.6/65.3][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 128.0/128.0 198/198 40.7/40.7] - 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/17 107.5/127.0 288/286 108.6/89.8][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 130.0/131.7 198/198 39.8/42.3] - 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40.3/0.0 315/0 92.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70.0/0.0 70/0 0.0/0.0] - 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net][bytes ratio: -0.042 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/4 4.3/4.3 5/5 0.5/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 92/92 92.0/100.0 92/108 0.0/8.0][PLAIN TEXT (nintendo)] - 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes] - 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 74.8/0.0 316/0 129.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70.0/0.0 70/0 0.0/0.0] - 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1.0/0.8 4/3 1.7/1.3][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] - 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)] - 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)] - 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NATTestId)] - 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes] - 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes] + 1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][Goodput ratio: 88.4/90.8][5.90 sec][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.7/17.0 311/242 43.9/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 363.4/454.2 886/886 191.2/117.7][PLAIN TEXT (pluHnq)] + 2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][Goodput ratio: 89.4/70.7][5.68 sec][bytes ratio: 0.812 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 45.1/77.1 607/506 66.0/116.9][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 396.2/143.6 1254/886 210.0/128.5] + 3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][Goodput ratio: 89.0/69.7][5.49 sec][bytes ratio: 0.796 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40.3/75.5 313/318 40.4/84.4][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 381.0/138.6 886/886 192.7/123.7][PLAIN TEXT (FutwCa)] + 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/TLS.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][Goodput ratio: 49.7/67.2][21.54 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728.2/1409.1 14019/13944 2635.6/3582.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131.4/201.1 400/983 85.6/219.4] + 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][Goodput ratio: 74.6/86.3][0.56 sec][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65.1/53.9 287/250 89.4/81.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263.5/486.5 1414/1414 387.3/570.3][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][Server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Nintendo Co., Ltd.][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][Goodput ratio: 76.4/86.3][0.51 sec][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57.4/47.4 243/198 75.9/64.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283.3/486.6 1414/1414 400.9/570.5][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][Server: *.baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Nintendo Co., Ltd.][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][Goodput ratio: 64.0/80.3][4.86 sec][bytes ratio: -0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 231.7/88.7 514/507 225.4/142.2][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 116.6/213.0 230/854 27.1/243.3] + 8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][Goodput ratio: 67.1/67.1][1.28 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/58 118.7/111.0 274/242 88.6/65.3][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 128.0/128.0 198/198 40.7/40.7] + 9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes][Goodput ratio: 67.6/68.0][1.15 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/17 107.5/127.0 288/286 108.6/89.8][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 130.0/131.7 198/198 39.8/42.3] + 10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.0/0.0][0.73 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40.3/0.0 315/0 92.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70.0/0.0 70/0 0.0/0.0] + 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Goodput ratio: 54.2/57.9][0.01 sec][Host: g2df33d01-lp1.p.srv.nintendo.net][bytes ratio: -0.042 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/4 4.3/4.3 5/5 0.5/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 92/92 92.0/100.0 92/108 0.0/8.0][PLAIN TEXT (nintendo)] + 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes][Goodput ratio: 94.1/0.0][< 1 sec] + 13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.9/0.0][0.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 74.8/0.0 316/0 129.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70.0/0.0 70/0 0.0/0.0] + 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27.5/27.5][0.06 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1.0/0.8 4/3 1.7/1.3][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58.0/58.0 58/58 0.0/0.0] + 15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61.3/84.8][0.03 sec][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)] + 16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61.3/84.8][< 1 sec][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)] + 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 64.2/0.0][0.00 sec] + 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 60.2/0.0][0.00 sec][PLAIN TEXT (NATTestId)] + 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes][Goodput ratio: 85.6/0.0][< 1 sec] + 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.5/0.0][0.00 sec] + 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.18 sec] diff --git a/tests/result/ocs.pcap.out b/tests/result/ocs.pcap.out index 7b719b0cf..a88306f76 100644 --- a/tests/result/ocs.pcap.out +++ b/tests/result/ocs.pcap.out @@ -11,26 +11,26 @@ JA3 Host Stats: 1 192.168.180.2 4 - 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 63.9/0.0 3996/0 234.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 59.6/0.0 715/0 25.1/0.0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][ContentType: ][UserAgent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST /catalog/vod)] - 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210.4/0.0 998/0 326.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 304.5/0.0 1440/0 368.0/0.0][TLSv1][Client: ocs.labgency.ws][JA3C: 0534a22b266a64a5cc9a90f7b5c483cc] - 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.7/0.0 91/0 29.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 65.2/0.0 208/0 23.6/0.0][URL: www.ocs.fr/data_plateforme/program/18496/tv_detail_mortdunpourw0012236_72f6c.jpg][StatusCode: 0][ContentType: ][UserAgent: ][PLAIN TEXT (GET /data)] - 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/TLS.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 144.7/0.0 1003/0 238.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 40/0 135.8/0.0 1209/0 253.5/0.0][TLSv1][Client: settings.crashlytics.com][JA3C: b030dba3ca09e2e484b9fa75adc4039c] - 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 39.4/0.0 75/0 26.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 184.3/0.0 1287/0 339.0/0.0][TLSv1.2][Client: mtalk.google.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1] - 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/TLS.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 56.9/0.0 112/0 36.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 134.0/0.0 649/0 165.6/0.0][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] - 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 49.5/0.0 103/0 38.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 111.4/0.0 425/0 106.3/0.0][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] - 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 271.6/0.0 1043/0 394.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 182.0/0.0 824/0 287.1/0.0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; U; Android 4.0.4; fr-fr; GT-P7510 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/5][PLAIN TEXT (POST /catalog/vod)] - 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 196.7/0.0 503/0 209.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 77.1/0.0 136/0 37.3/0.0][URL: api.eu01.capptain.com/ip-to-country][StatusCode: 0][ContentType: ][UserAgent: ][PLAIN TEXT (GET /ip)] - 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 45.8/0.0 101/0 38.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 79.8/0.0 211/0 58.7/0.0][URL: api.eu01.capptain.com/xmpp-disco?deviceid=f2c993d6218f5e22fe284b2e90c82f3b&push_on_device=true&appid=ocs000003][StatusCode: 0][ContentType: ][UserAgent: ][PLAIN TEXT (GET /xmpp)] - 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com][PLAIN TEXT (device06)] - 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com][PLAIN TEXT (android)] - 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com][PLAIN TEXT (settings)] - 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (capptain)] - 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com][PLAIN TEXT (googleapis)] - 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][PLAIN TEXT (labgency)] - 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws][PLAIN TEXT (labgency)] - 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr] + 1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Goodput ratio: 1.5/0.0][51.39 sec][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 63.9/0.0 3996/0 234.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 59.6/0.0 715/0 25.1/0.0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][ContentType: ][UserAgent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST /catalog/vod)] + 2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][Goodput ratio: 82.8/0.0][3.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210.4/0.0 998/0 326.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 304.5/0.0 1440/0 368.0/0.0][TLSv1][Client: ocs.labgency.ws][JA3C: 0534a22b266a64a5cc9a90f7b5c483cc] + 3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Goodput ratio: 5.7/0.0][3.75 sec][Host: www.ocs.fr][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.7/0.0 91/0 29.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 65.2/0.0 208/0 23.6/0.0][URL: www.ocs.fr/data_plateforme/program/18496/tv_detail_mortdunpourw0012236_72f6c.jpg][StatusCode: 0][ContentType: ][UserAgent: ][PLAIN TEXT (GET /data)] + 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/TLS.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][Goodput ratio: 62.0/0.0][2.62 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 144.7/0.0 1003/0 238.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 40/0 135.8/0.0 1209/0 253.5/0.0][TLSv1][Client: settings.crashlytics.com][JA3C: b030dba3ca09e2e484b9fa75adc4039c] + 5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][Goodput ratio: 71.4/0.0][0.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 39.4/0.0 75/0 26.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 184.3/0.0 1287/0 339.0/0.0][TLSv1.2][Client: mtalk.google.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1] + 6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/TLS.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes][Goodput ratio: 59.2/0.0][0.58 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 56.9/0.0 112/0 36.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 134.0/0.0 649/0 165.6/0.0][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] + 7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.2/0.0][0.81 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 49.5/0.0 103/0 38.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 111.4/0.0 425/0 106.3/0.0][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66] + 8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Goodput ratio: 70.6/0.0][1.36 sec][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 271.6/0.0 1043/0 394.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 182.0/0.0 824/0 287.1/0.0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; U; Android 4.0.4; fr-fr; GT-P7510 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/5][PLAIN TEXT (POST /catalog/vod)] + 9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Goodput ratio: 31.1/0.0][1.18 sec][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 196.7/0.0 503/0 209.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 77.1/0.0 136/0 37.3/0.0][URL: api.eu01.capptain.com/ip-to-country][StatusCode: 0][ContentType: ][UserAgent: ][PLAIN TEXT (GET /ip)] + 10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.1/0.0][0.23 sec][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 45.8/0.0 101/0 38.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 79.8/0.0 211/0 58.7/0.0][URL: api.eu01.capptain.com/xmpp-disco?deviceid=f2c993d6218f5e22fe284b2e90c82f3b&push_on_device=true&appid=ocs000003][StatusCode: 0][ContentType: ][UserAgent: ][PLAIN TEXT (GET /xmpp)] + 11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][8.01 sec] + 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 62.8/0.0][< 1 sec][Host: xmpp.device06.eu01.capptain.com][PLAIN TEXT (device06)] + 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 60.3/0.0][< 1 sec][Host: android.clients.google.com][PLAIN TEXT (android)] + 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 59.2/0.0][< 1 sec][Host: settings.crashlytics.com][PLAIN TEXT (settings)] + 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 57.4/0.0][< 1 sec][Host: api.eu01.capptain.com][PLAIN TEXT (capptain)] + 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Goodput ratio: 56.1/0.0][< 1 sec][Host: play.googleapis.com][PLAIN TEXT (googleapis)] + 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.7/0.0][< 1 sec][Host: ocu03.labgency.ws][PLAIN TEXT (labgency)] + 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Goodput ratio: 53.2/0.0][< 1 sec][Host: ocs.labgency.ws][PLAIN TEXT (labgency)] + 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 49.1/0.0][< 1 sec][Host: www.ocs.fr] Undetected flows: - 1 TCP 192.168.180.2:46166 -> 137.135.131.52:5122 [proto: 0/Unknown][6 pkts/360 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 998/0 6216.4/0.0 16046/0 5472.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/0 60.0/0.0 60/0 0.0/0.0] + 1 TCP 192.168.180.2:46166 -> 137.135.131.52:5122 [proto: 0/Unknown][6 pkts/360 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][31.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 998/0 6216.4/0.0 16046/0 5472.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/0 60.0/0.0 60/0 0.0/0.0] diff --git a/tests/result/ookla.pcap.out b/tests/result/ookla.pcap.out index 1b7def2ff..d49e5e26d 100644 --- a/tests/result/ookla.pcap.out +++ b/tests/result/ookla.pcap.out @@ -1,4 +1,4 @@ Ookla 5086 4689745 2 - 1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][bytes ratio: -0.559 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14.8/11.5 2086/2226 59.5/54.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 468.9/1275.5 1506/1506 642.3/526.9][PLAIN TEXT ( 6HELLO 2.4 2016)] - 2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 191/Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][bytes ratio: 0.036 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 527.8/46.8 5005/84 1492.6/27.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186.5/260.2 430/523 168.4/194.4][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)] + 1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][Goodput ratio: 85.6/94.8][40.14 sec][bytes ratio: -0.559 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14.8/11.5 2086/2226 59.5/54.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 468.9/1275.5 1506/1506 642.3/526.9][PLAIN TEXT ( 6HELLO 2.4 2016)] + 2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 191/Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][Goodput ratio: 64.0/74.2][5.33 sec][bytes ratio: 0.036 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 527.8/46.8 5005/84 1492.6/27.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186.5/260.2 430/523 168.4/194.4][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)] diff --git a/tests/result/openvpn.pcap.out b/tests/result/openvpn.pcap.out index 860b95066..f74e05660 100644 --- a/tests/result/openvpn.pcap.out +++ b/tests/result/openvpn.pcap.out @@ -1,5 +1,5 @@ OpenVPN 298 57111 3 - 1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][bytes ratio: -0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 288.7/105.9 3994/2456 764.1/365.1][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 185.6/287.3 1214/1287 193.0/325.0][PLAIN TEXT (160727093158Z)] - 2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][bytes ratio: -0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1298.2/1399.8 11356/11265 2923.7/3289.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 170.8/154.2 1514/222 235.8/63.3][PLAIN TEXT (160630002150Z)] - 3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][bytes ratio: 0.159 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 224.4/136.5 3857/2389 691.1/463.6][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 160.4/167.6 1214/196 192.4/31.3][PLAIN TEXT (160727093158Z)] + 1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][Goodput ratio: 77.4/85.4][19.24 sec][bytes ratio: -0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 288.7/105.9 3994/2456 764.1/365.1][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 185.6/287.3 1214/1287 193.0/325.0][PLAIN TEXT (160727093158Z)] + 2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][Goodput ratio: 61.2/57.1][64.13 sec][bytes ratio: -0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1298.2/1399.8 11356/11265 2923.7/3289.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 170.8/154.2 1514/222 235.8/63.3][PLAIN TEXT (160630002150Z)] + 3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][Goodput ratio: 73.8/74.9][9.11 sec][bytes ratio: 0.159 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 224.4/136.5 3857/2389 691.1/463.6][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 160.4/167.6 1214/196 192.4/31.3][PLAIN TEXT (160727093158Z)] diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out index 230f75864..935d5e29e 100644 --- a/tests/result/pps.pcap.out +++ b/tests/result/pps.pcap.out @@ -3,113 +3,113 @@ HTTP 1502 1849543 62 SSDP 63 17143 10 Google 2 1093 1 - 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/1.7 0/77 0.0/7.9][Pkt Len c2s/s2c min/avg/max/stddev: 303/522 303.0/1312.5 303/1314 0.0/34.0][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_2.jpg?no=2][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)] - 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/1.4 0/51 0.0/6.5][Pkt Len c2s/s2c min/avg/max/stddev: 303/180 303.0/1311.9 303/1314 0.0/49.3][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_1.jpg?no=1][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)] - 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com][bytes ratio: -0.998 (Download)][IAT c2s/s2c min/avg/max/stddev: 35/0 35.0/0.4 35/35 0.0/2.5][Pkt Len c2s/s2c min/avg/max/stddev: 198/566 200.0/1310.0 202/1314 2.0/50.0][URL: static.qiyi.com/ext/common/qisu2/downloader.ini][StatusCode: 200][ContentType: ][UserAgent: Downloader][PLAIN TEXT (GET /ext/common/qisu2/downloade)] - 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66][bytes ratio: -0.975 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.3 0/3 0.0/0.8][Pkt Len c2s/s2c min/avg/max/stddev: 426/1022 426.0/1302.8 426/1314 0.0/56.2][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&&tn=137719&uuid=76a3085a-57760844-de][StatusCode: 0][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /videos/v)] - 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com][bytes ratio: -0.149 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 68.1/0.0 307/0 127.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 231/536 1002.1/1239.1 1314/1314 433.8/214.6][URL: bcu.ff.avast.com/bc2][StatusCode: 200][ContentType: application/x-enc][UserAgent: {D699054D-1699-47D2-9B2B-E96F438C1160}][PLAIN TEXT (POST /bc2 HTTP/1.1)] - 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 46/0 392.9/0.0 2654/0 854.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 473/0 518.2/0.0 553/0 30.0/0.0][PLAIN TEXT (NOTIFY )] - 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com][URL: cache.video.iqiyi.com/vi/500494600/562e26caed5695900212eb3259070f8a/?src=1_11_114][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /vi/500494600/562)] - 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am][bytes ratio: 0.653 (Upload)][IAT c2s/s2c min/avg/max/stddev: 117/118 216.0/217.0 315/316 99.0/99.0][Pkt Len c2s/s2c min/avg/max/stddev: 946/199 948.0/199.0 952/199 2.8/0.0][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/19 26.7/27.0 34/35 6.1/6.5][Pkt Len c2s/s2c min/avg/max/stddev: 198/526 200.0/528.0 202/530 1.6/1.6][URL: static.qiyi.com/ext/common/qisu2/masauto.ini][StatusCode: 200][ContentType: ][UserAgent: masauto_runxx][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)] - 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com][URL: meta.video.qiyi.com/20160625/a5/bf/413f91ad101e780a6b63f826e28b9920.xml][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /20160625/a)] - 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=1||71000001||5000000858874||5000000927558||roll&as=&av=4.10.004&b=180932301&c=31&ct=&d=2175&di=&dp=&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=&oi=&p=t&pp=&rc=-1][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=1&as=1;2,3;4,5&b=1467353138&c=ae87cb3cfdf494aa48dc608909f69250&cv=5.2.15.2240&d=5000000858874&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)] - 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=0&as=1;2,3;4,5&b=1467353165&c=966542c82a5694d0e943d50d5fcf5a55&cv=5.2.15.2240&d=5000000854934&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)] - 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=201&ct=clt__pl_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] - 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3002.0/0.0 3008/0 3.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30/0 752.8/0.0 2839/0 1188.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 165/0 171.0/0.0 175/0 4.5/0.0][PLAIN TEXT (SEARCH )] - 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com][URL: click.hm.baidu.com/clk?53e25e33e064c657c06b558e5c3c33fd][StatusCode: 302][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /clk)] - 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012][StatusCode: 200][ContentType: ][UserAgent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][PLAIN TEXT (GET /2efc)] - 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=11&ct=pc__ad_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E9%][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] - 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012&uuid=76a3085a-57760844-8b][StatusCode: 200][ContentType: ][UserAgent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][PLAIN TEXT (GET /videos/v)] - 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com][URL: click.hm.baidu.com/mkt.gif?ai=8452891900c903ae7a876447923a5aec&et=0][StatusCode: 204][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /mkt.gif)] - 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&rn=1467353167221&a=34&clt=tvg2015_baikeB_comment_show&type=pc&ref=noref&url=http%3A//vodguide.pps.iqiyi.com/page.php%3Fversion%3D5.2.15.2240%23class%3D200003719%2524%2524%2524%2524180932301%26entityid%3D479531000%26b][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /b)] - 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?c1=6&s1=1&macid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&channelid=000&nu=&e=1352528&se=1253811&r=500494600&aduid=d07dfd30f0ee4e48bbcaf1208c758471&ctm=1375211&playsource=001004000&vid=562e26caed5695900212eb3259070f8a&albumid=500494600&ra=2&td=2265][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.307][PLAIN TEXT (GET /b)] - 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/downloadhelper.ini][StatusCode: 200][ContentType: ][UserAgent: DownloadHelper_runxx][PLAIN TEXT (GET /ext/common/qisu2/downloadh)] - 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=117&tm31=0&tm32=47&tm33=78&tm34=1&tm4=137&tm41=0&tm42=16&tm43=125&tm44=2&tm5=165&tm51=0&tm52=0&tm53=0&tm54=10&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0&][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:2:1|2&av=4.10.004&b=204076701&c=6&ct=5000000926795&d=158&di=&dp=71000001&e=512ab77de7f67d49f24d3511778220d0&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000856344&oi=&p=a&pp=&rc=&rd=&ri=&s][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com][URL: s1.symcb.com/pca3-g5.crl][StatusCode: 200][ContentType: ][UserAgent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /pca3)] - 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=209&tm31=94&tm32=31&tm33=78&tm34=1&tm4=176&tm41=47&tm42=16&tm43=78&tm44=7&tm5=328&tm51=0&tm52=0&tm53=0&tm54=63&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com][URL: clients1.google.com/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih%2BZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCEYrFXkq2ugz][StatusCode: 200][ContentType: ][UserAgent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)] - 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3001.0/0.0 3005/0 2.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3000/0 3003.8/0.0 3014/0 5.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3007.6/0.0 3038/0 15.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] - 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 0][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] - 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/ccs][StatusCode: 200][ContentType: ][UserAgent: CookieClear_runxx][PLAIN TEXT (GET /ccs HTTP/1.1)] - 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?type=recctplay20121226&usract=show&ppuid=-1&uid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&event_id=4b0868920b0f8285320a9e00ee0369e5&cid=31&bkt=pps_c_zebra_main_default&area=pps_c_zebra&platform=2012&albumlist=470694500,471591300,465][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /tmpstats.gif)] - 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=30&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?&tn=137719][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /2efc)] - 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adstart&starttm=1097&reset=1&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353119&islocal=0&as=d19f64047][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=5&a=4&isfinish=2&tm=7&ra=2&tra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353147&islocal=0&as=d19f64047b641cd6][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353140&islocal=0&as=d19f64047b641cd6ff096b04][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353195&islocal=0&as=0311c5a0d5596063db5][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=5&a=2&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353139&islocal=0&as=0311c5a0d5596063db5944bd76b6cbff&][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com][URL: cmc.tanx.com/andc?andc_uid=6693851615885049011&andc_ver=1][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /andc)] - 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masblog.ini][StatusCode: 200][ContentType: ][UserAgent: masblog_runxx][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)] - 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][ContentType: ][UserAgent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)] - 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com][URL: iplocation.geo.qiyi.com/cityjson][StatusCode: 200][ContentType: ][UserAgent: QYAgent_runxx][PLAIN TEXT (GET /cityjson HTTP/1.1)] - 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/index.php/ToolBox/version][StatusCode: 502][ContentType: ][UserAgent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/index.php/To)] - 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masflag.ini][StatusCode: 200][ContentType: ][UserAgent: masflag_runxx][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)] - 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=15&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 0][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/k][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /k HTTP/1.1)] - 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)] - 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)] - 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&a=34&ct=onclick&type=pc&as=&clt=pc_play_player_click&mv=5.2.15.2240&pu=&rn=0FE172EC44C44B86AEEDE54AA00541C457406&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=2.0.102.30147][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] - 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/QYAgent.ini][StatusCode: 200][ContentType: ][UserAgent: QYAgent_runxx][PLAIN TEXT (GET /ext/common/qisu2/Q)] - 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][URL: msg.71.am/core?t=1503291&type=vs&uuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&area=OVERSEA|TW_HiNet&from=BS_High&to=BS_Standard&player_switch_bs_time=41714&average_download_speed_=158515.200000][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] - 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=11&pf=201&p=11&p1=114&s1=0&ct=140819_adsyn&adsyn=1&brinfo=IE_IE9_9.0.8112.16421_1&os=Windows%207&rn=19252&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=5.2.15.2240][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] - 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?method=qiubiter&os=windows-6.1.7601_sp1&uuid=350C3F1AC75D40bc90D602DA4E67A72D&softversion=1.0.0.1&source=pps&tasktype=gettaskinfo][StatusCode: 200][ContentType: ][UserAgent: QIYiAngent][PLAIN TEXT (GET /tmpstats.gif)] - 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 302 Found)] - 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_3.jpg?no=3][StatusCode: 0][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)] - 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)] - 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes] - 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Goodput ratio: 81.9/95.9][0.98 sec][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/1.7 0/77 0.0/7.9][Pkt Len c2s/s2c min/avg/max/stddev: 303/522 303.0/1312.5 303/1314 0.0/34.0][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_2.jpg?no=2][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)] + 2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Goodput ratio: 81.9/95.9][0.82 sec][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/1.4 0/51 0.0/6.5][Pkt Len c2s/s2c min/avg/max/stddev: 303/180 303.0/1311.9 303/1314 0.0/49.3][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_1.jpg?no=1][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)] + 3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Goodput ratio: 72.8/95.9][0.11 sec][Host: static.qiyi.com][bytes ratio: -0.998 (Download)][IAT c2s/s2c min/avg/max/stddev: 35/0 35.0/0.4 35/35 0.0/2.5][Pkt Len c2s/s2c min/avg/max/stddev: 198/566 200.0/1310.0 202/1314 2.0/50.0][URL: static.qiyi.com/ext/common/qisu2/downloader.ini][StatusCode: 200][ContentType: ][UserAgent: Downloader][PLAIN TEXT (GET /ext/common/qisu2/downloade)] + 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Goodput ratio: 87.1/95.9][0.02 sec][Host: 223.26.106.66][bytes ratio: -0.975 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.3 0/3 0.0/0.8][Pkt Len c2s/s2c min/avg/max/stddev: 426/1022 426.0/1302.8 426/1314 0.0/56.2][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&&tn=137719&uuid=76a3085a-57760844-de][StatusCode: 0][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /videos/v)] + 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Goodput ratio: 94.6/95.6][13.04 sec][Host: bcu.ff.avast.com][bytes ratio: -0.149 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 68.1/0.0 307/0 127.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 231/536 1002.1/1239.1 1314/1314 433.8/214.6][URL: bcu.ff.avast.com/bc2][StatusCode: 200][ContentType: application/x-enc][UserAgent: {D699054D-1699-47D2-9B2B-E96F438C1160}][PLAIN TEXT (POST /bc2 HTTP/1.1)] + 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][Goodput ratio: 91.9/0.0][6.36 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 46/0 392.9/0.0 2654/0 854.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 473/0 518.2/0.0 553/0 30.0/0.0][PLAIN TEXT (NOTIFY )] + 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Goodput ratio: 91.6/94.4][0.04 sec][Host: cache.video.iqiyi.com][URL: cache.video.iqiyi.com/vi/500494600/562e26caed5695900212eb3259070f8a/?src=1_11_114][StatusCode: 200][ContentType: ][UserAgent: ][PLAIN TEXT (GET /vi/500494600/562)] + 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Goodput ratio: 94.3/72.7][0.55 sec][Host: msg.71.am][bytes ratio: 0.653 (Upload)][IAT c2s/s2c min/avg/max/stddev: 117/118 216.0/217.0 315/316 99.0/99.0][Pkt Len c2s/s2c min/avg/max/stddev: 946/199 948.0/199.0 952/199 2.8/0.0][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][Goodput ratio: 92.7/84.6][0.24 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Goodput ratio: 72.9/89.7][0.09 sec][Host: static.qiyi.com][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/19 26.7/27.0 34/35 6.1/6.5][Pkt Len c2s/s2c min/avg/max/stddev: 198/526 200.0/528.0 202/530 1.6/1.6][URL: static.qiyi.com/ext/common/qisu2/masauto.ini][StatusCode: 200][ContentType: ][UserAgent: masauto_runxx][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)] + 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Goodput ratio: 82.4/94.6][0.06 sec][Host: meta.video.qiyi.com][URL: meta.video.qiyi.com/20160625/a5/bf/413f91ad101e780a6b63f826e28b9920.xml][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /20160625/a)] + 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Goodput ratio: 94.3/72.7][2.78 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=1||71000001||5000000858874||5000000927558||roll&as=&av=4.10.004&b=180932301&c=31&ct=&d=2175&di=&dp=&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=&oi=&p=t&pp=&rc=-1][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][7.29 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Goodput ratio: 93.0/82.1][0.04 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=1&as=1;2,3;4,5&b=1467353138&c=ae87cb3cfdf494aa48dc608909f69250&cv=5.2.15.2240&d=5000000858874&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)] + 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Goodput ratio: 93.0/82.1][0.04 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=0&as=1;2,3;4,5&b=1467353165&c=966542c82a5694d0e943d50d5fcf5a55&cv=5.2.15.2240&d=5000000854934&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)] + 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Goodput ratio: 92.4/71.8][0.10 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=201&ct=clt__pl_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] + 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.0/0.0][24.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3002.0/0.0 3008/0 3.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.4/0.0][6.03 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30/0 752.8/0.0 2839/0 1188.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 165/0 171.0/0.0 175/0 4.5/0.0][PLAIN TEXT (SEARCH )] + 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/707 bytes <-> 1 pkts/744 bytes][Goodput ratio: 92.2/92.6][0.12 sec][Host: click.hm.baidu.com][URL: click.hm.baidu.com/clk?53e25e33e064c657c06b558e5c3c33fd][StatusCode: 302][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /clk)] + 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Goodput ratio: 85.9/89.5][0.28 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012][StatusCode: 200][ContentType: ][UserAgent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][PLAIN TEXT (GET /2efc)] + 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Goodput ratio: 95.4/71.8][0.09 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=11&ct=pc__ad_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E9%][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] + 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Goodput ratio: 87.7/87.6][2.24 sec][Host: 223.26.106.66][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012&uuid=76a3085a-57760844-8b][StatusCode: 200][ContentType: ][UserAgent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][PLAIN TEXT (GET /videos/v)] + 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Goodput ratio: 94.5/61.9][0.10 sec][Host: click.hm.baidu.com][URL: click.hm.baidu.com/mkt.gif?ai=8452891900c903ae7a876447923a5aec&et=0][StatusCode: 204][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /mkt.gif)] + 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Goodput ratio: 95.0/72.5][0.78 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&rn=1467353167221&a=34&clt=tvg2015_baikeB_comment_show&type=pc&ref=noref&url=http%3A//vodguide.pps.iqiyi.com/page.php%3Fversion%3D5.2.15.2240%23class%3D200003719%2524%2524%2524%2524180932301%26entityid%3D479531000%26b][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /b)] + 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Goodput ratio: 95.0/71.8][0.05 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?c1=6&s1=1&macid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&channelid=000&nu=&e=1352528&se=1253811&r=500494600&aduid=d07dfd30f0ee4e48bbcaf1208c758471&ctm=1375211&playsource=001004000&vid=562e26caed5695900212eb3259070f8a&albumid=500494600&ra=2&td=2265][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.307][PLAIN TEXT (GET /b)] + 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Goodput ratio: 74.2/94.8][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/downloadhelper.ini][StatusCode: 200][ContentType: ][UserAgent: DownloadHelper_runxx][PLAIN TEXT (GET /ext/common/qisu2/downloadh)] + 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][0.16 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][0.09 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][0.06 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][0.10 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][0.18 sec][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=117&tm31=0&tm32=47&tm33=78&tm34=1&tm4=137&tm41=0&tm42=16&tm43=125&tm44=2&tm5=165&tm51=0&tm52=0&tm53=0&tm54=10&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0&][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.2/72.5][0.06 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:2:1|2&av=4.10.004&b=204076701&c=6&ct=5000000926795&d=158&di=&dp=71000001&e=512ab77de7f67d49f24d3511778220d0&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000856344&oi=&p=a&pp=&rc=&rd=&ri=&s][StatusCode: 200][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Goodput ratio: 81.0/93.5][0.00 sec][Host: s1.symcb.com][URL: s1.symcb.com/pca3-g5.crl][StatusCode: 200][ContentType: ][UserAgent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /pca3)] + 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94.0/72.5][0.10 sec][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=209&tm31=94&tm32=31&tm33=78&tm34=1&tm4=176&tm41=47&tm42=16&tm43=78&tm44=7&tm5=328&tm51=0&tm52=0&tm53=0&tm54=63&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Goodput ratio: 80.4/93.2][0.00 sec][Host: clients1.google.com][URL: clients1.google.com/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih%2BZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCEYrFXkq2ugz][StatusCode: 200][ContentType: ][UserAgent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)] + 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.5/0.0][15.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3001.0/0.0 3005/0 2.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179.0/0.0 179/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.9/0.0][15.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3000/0 3003.8/0.0 3014/0 5.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.9/0.0][15.04 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3007.6/0.0 3038/0 15.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175.0/0.0 175/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Goodput ratio: 94.2/0.0][< 1 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 0][ContentType: ][UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)] + 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Goodput ratio: 90.9/81.2][0.03 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/ccs][StatusCode: 200][ContentType: ][UserAgent: CookieClear_runxx][PLAIN TEXT (GET /ccs HTTP/1.1)] + 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Goodput ratio: 92.1/72.5][0.09 sec][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?type=recctplay20121226&usract=show&ppuid=-1&uid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&event_id=4b0868920b0f8285320a9e00ee0369e5&cid=31&bkt=pps_c_zebra_main_default&area=pps_c_zebra&platform=2012&albumlist=470694500,471591300,465][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /tmpstats.gif)] + 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Goodput ratio: 92.0/72.5][0.06 sec][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=30&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.9/0.0][12.04 sec][PLAIN TEXT (SEARCH )] + 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Goodput ratio: 84.6/88.5][0.04 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?&tn=137719][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /2efc)] + 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91.3/72.5][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adstart&starttm=1097&reset=1&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353119&islocal=0&as=d19f64047][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91.2/72.5][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=5&a=4&isfinish=2&tm=7&ra=2&tra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353147&islocal=0&as=d19f64047b641cd6][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91.1/72.5][0.17 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353140&islocal=0&as=d19f64047b641cd6ff096b04][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Goodput ratio: 90.6/72.5][0.13 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353195&islocal=0&as=0311c5a0d5596063db5][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Goodput ratio: 90.4/72.5][0.15 sec][Host: msg.71.am][URL: msg.71.am/core?t=5&a=2&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353139&islocal=0&as=0311c5a0d5596063db5944bd76b6cbff&][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Goodput ratio: 87.6/80.6][0.09 sec][Host: cmc.tanx.com][URL: cmc.tanx.com/andc?andc_uid=6693851615885049011&andc_ver=1][StatusCode: 200][ContentType: ][UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /andc)] + 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Goodput ratio: 72.4/89.6][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masblog.ini][StatusCode: 200][ContentType: ][UserAgent: masblog_runxx][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)] + 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Goodput ratio: 79.8/82.9][0.22 sec][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][ContentType: ][UserAgent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)] + 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Goodput ratio: 66.5/80.3][0.09 sec][Host: iplocation.geo.qiyi.com][URL: iplocation.geo.qiyi.com/cityjson][StatusCode: 200][ContentType: ][UserAgent: QYAgent_runxx][PLAIN TEXT (GET /cityjson HTTP/1.1)] + 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Goodput ratio: 79.3/82.9][0.21 sec][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/index.php/ToolBox/version][StatusCode: 502][ContentType: ][UserAgent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/index.php/To)] + 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Goodput ratio: 72.4/88.9][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masflag.ini][StatusCode: 200][ContentType: ][UserAgent: masflag_runxx][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)] + 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.0/0.0][< 1 sec][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=15&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 0][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Goodput ratio: 78.3/87.2][0.04 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/k][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /k HTTP/1.1)] + 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Goodput ratio: 86.3/80.1][0.14 sec][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)] + 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Goodput ratio: 86.3/80.1][3.07 sec][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)] + 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Goodput ratio: 87.1/71.8][0.11 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&a=34&ct=onclick&type=pc&as=&clt=pc_play_player_click&mv=5.2.15.2240&pu=&rn=0FE172EC44C44B86AEEDE54AA00541C457406&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=2.0.102.30147][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] + 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Goodput ratio: 72.4/86.9][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/QYAgent.ini][StatusCode: 200][ContentType: ][UserAgent: QYAgent_runxx][PLAIN TEXT (GET /ext/common/qisu2/Q)] + 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Goodput ratio: 86.8/72.5][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=1503291&type=vs&uuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&area=OVERSEA|TW_HiNet&from=BS_High&to=BS_Standard&player_switch_bs_time=41714&average_download_speed_=158515.200000][StatusCode: 200][ContentType: ][UserAgent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)] + 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Goodput ratio: 86.1/71.8][0.09 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=11&pf=201&p=11&p1=114&s1=0&ct=140819_adsyn&adsyn=1&brinfo=IE_IE9_9.0.8112.16421_1&os=Windows%207&rn=19252&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=5.2.15.2240][StatusCode: 200][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)] + 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Goodput ratio: 79.2/72.5][0.07 sec][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?method=qiubiter&os=windows-6.1.7601_sp1&uuid=350C3F1AC75D40bc90D602DA4E67A72D&softversion=1.0.0.1&source=pps&tasktype=gettaskinfo][StatusCode: 200][ContentType: ][UserAgent: QIYiAngent][PLAIN TEXT (GET /tmpstats.gif)] + 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][Goodput ratio: 72.7/0.0][0.07 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][Goodput ratio: 76.3/0.0][3.00 sec][PLAIN TEXT (SEARCH )] + 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][Goodput ratio: 84.2/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 302 Found)] + 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Goodput ratio: 81.9/0.0][< 1 sec][Host: preimage1.qiyipic.com][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_3.jpg?no=3][StatusCode: 0][ContentType: ][UserAgent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)] + 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][Goodput ratio: 72.5/0.0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)] + 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][Goodput ratio: 74.1/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][Goodput ratio: 67.2/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] Undetected flows: - 1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][bytes ratio: 0.742 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3.6/1.4 17/19 4.6/3.7][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107.0/79.0 1109/81 0.2/0.2][PLAIN TEXT (lllllllh)] - 2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][bytes ratio: -0.739 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2.1/4.2 30/32 5.0/6.6][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79.0/1107.0 79/1107 0.0/0.0][PLAIN TEXT (66666662)] - 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][bytes ratio: 0.711 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 17.1/7.2 25/25 7.4/9.0][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107.0/79.0 1107/79 0.0/0.0][PLAIN TEXT (YYYYYYY)] - 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/30 14.7/45.8 45/68 17.9/13.7][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79.0/1107.0 79/1107 0.0/0.0][PLAIN TEXT (CCCCCCC)] - 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][bytes ratio: -0.618 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/12 17.4/43.7 71/77 21.6/23.1][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 79.0/1004.2 79/1125 0.0/314.4][PLAIN TEXT (hhhhhhhl)] - 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][PLAIN TEXT (bTTTUQX)] - 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)] - 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)] - 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes] - 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes] - 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][PLAIN TEXT (wsssss)] - 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes] - 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes] - 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][PLAIN TEXT (222222266)] - 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] - 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes] + 1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][Goodput ratio: 96.2/46.8][0.55 sec][bytes ratio: 0.742 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3.6/1.4 17/19 4.6/3.7][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107.0/79.0 1109/81 0.2/0.2][PLAIN TEXT (lllllllh)] + 2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][Goodput ratio: 46.8/96.2][0.54 sec][bytes ratio: -0.739 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2.1/4.2 30/32 5.0/6.6][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79.0/1107.0 79/1107 0.0/0.0][PLAIN TEXT (66666662)] + 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][Goodput ratio: 96.2/46.8][0.55 sec][bytes ratio: 0.711 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 17.1/7.2 25/25 7.4/9.0][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107.0/79.0 1107/79 0.0/0.0][PLAIN TEXT (YYYYYYY)] + 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][Goodput ratio: 46.8/96.2][0.51 sec][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/30 14.7/45.8 45/68 17.9/13.7][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79.0/1107.0 79/1107 0.0/0.0][PLAIN TEXT (CCCCCCC)] + 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][Goodput ratio: 46.8/95.8][0.54 sec][bytes ratio: -0.618 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/12 17.4/43.7 71/77 21.6/23.1][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 79.0/1004.2 79/1125 0.0/314.4][PLAIN TEXT (hhhhhhhl)] + 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][Goodput ratio: 46.5/96.2][0.22 sec][PLAIN TEXT (bTTTUQX)] + 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 67.1/0.0][0.00 sec][PLAIN TEXT (444444)] + 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 67.1/0.0][0.00 sec][PLAIN TEXT (444444)] + 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 71.8/0.0][< 1 sec] + 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67.4/0.0][< 1 sec] + 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67.4/0.0][< 1 sec] + 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67.4/0.0][0.00 sec] + 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][Goodput ratio: 51.1/50.3][< 1 sec][PLAIN TEXT (wsssss)] + 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 55.0/0.0][0.00 sec] + 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.4/0.0][0.00 sec] + 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.5/0.0][0.00 sec][PLAIN TEXT (222222266)] + 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.00 sec] + 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.00 sec] + 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][0.00 sec] + 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] + 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.1/0.0][< 1 sec] diff --git a/tests/result/ps_vue.pcap.out b/tests/result/ps_vue.pcap.out index 338c0b30b..409dce069 100644 --- a/tests/result/ps_vue.pcap.out +++ b/tests/result/ps_vue.pcap.out @@ -2,11 +2,11 @@ PS_VUE 1724 2198169 1 TLS 11 1401 5 Amazon 5 1380 2 - 1 TCP 8.252.2.139:80 -> 192.168.1.132:59198 [proto: 7.64/HTTP.PS_VUE][cat: Video/26][1724 pkts/2198169 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9.3/0.0 1184/0 55.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 1275.0/0.0 1372/0 336.5/0.0][PLAIN TEXT (ovwuGc)] - 2 TCP 13.33.255.96:443 -> 192.168.1.132:55076 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/1294 bytes -> 0 pkts/0 bytes] - 3 TCP 63.140.57.73:443 -> 192.168.1.132:61267 [proto: 91/TLS][cat: Web/5][2 pkts/791 bytes -> 0 pkts/0 bytes] - 4 TCP 209.102.209.13:443 -> 192.168.1.132:65112 [proto: 91/TLS][cat: Web/5][3 pkts/193 bytes -> 0 pkts/0 bytes] - 5 TCP 23.57.89.123:443 -> 192.168.1.132:52217 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes] - 6 TCP 23.57.89.123:443 -> 192.168.1.132:55648 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes] - 7 TCP 23.57.89.123:443 -> 192.168.1.132:62694 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes] - 8 TCP 34.217.165.102:443 -> 192.168.1.132:63577 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/86 bytes -> 0 pkts/0 bytes] + 1 TCP 8.252.2.139:80 -> 192.168.1.132:59198 [proto: 7.64/HTTP.PS_VUE][cat: Video/26][1724 pkts/2198169 bytes -> 0 pkts/0 bytes][Goodput ratio: 95.8/0.0][16.15 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9.3/0.0 1184/0 55.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 1275.0/0.0 1372/0 336.5/0.0][PLAIN TEXT (ovwuGc)] + 2 TCP 13.33.255.96:443 -> 192.168.1.132:55076 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 83.2/0.0][10.18 sec] + 3 TCP 63.140.57.73:443 -> 192.168.1.132:61267 [proto: 91/TLS][cat: Web/5][2 pkts/791 bytes -> 0 pkts/0 bytes][Goodput ratio: 86.2/0.0][0.02 sec] + 4 TCP 209.102.209.13:443 -> 192.168.1.132:65112 [proto: 91/TLS][cat: Web/5][3 pkts/193 bytes -> 0 pkts/0 bytes][Goodput ratio: 16.0/0.0][8.00 sec] + 5 TCP 23.57.89.123:443 -> 192.168.1.132:52217 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22.1/0.0][< 1 sec] + 6 TCP 23.57.89.123:443 -> 192.168.1.132:55648 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22.1/0.0][< 1 sec] + 7 TCP 23.57.89.123:443 -> 192.168.1.132:62694 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22.1/0.0][< 1 sec] + 8 TCP 34.217.165.102:443 -> 192.168.1.132:63577 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] diff --git a/tests/result/quic.pcap.out b/tests/result/quic.pcap.out index ea860e0f2..c6995f10f 100644 --- a/tests/result/quic.pcap.out +++ b/tests/result/quic.pcap.out @@ -3,16 +3,16 @@ GMail 413 254874 1 YouTube 85 76193 5 Google 14 10427 3 - 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com][bytes ratio: -0.812 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 302.6/161.1 21144/21225 1960.2/1485.2][Pkt Len c2s/s2c min/avg/max/stddev: 67/61 148.6/916.4 1392/1392 207.3/580.7][PLAIN TEXT (mail.google.com)] - 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51.8/25.7 803/828 182.6/134.1][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 211.0/1208.1 1392/1392 357.7/430.3][PLAIN TEXT (www.youtube.com)] - 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com][bytes ratio: 0.125 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/20 33.0/10.0 52/20 13.5/10.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 920.5/954.3 1392/1392 538.2/619.0][PLAIN TEXT (www.youtube.com)] - 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com][bytes ratio: 0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/21 49.5/10.5 74/21 24.5/10.5][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 955.3/954.3 1392/1392 617.5/619.0][PLAIN TEXT (fonts.gstatic.com)] - 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)] - 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com][PLAIN TEXT (www.google.comO)] - 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)] - 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)] - 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes] + 1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Goodput ratio: 71.7/95.4][37.93 sec][Host: mail.google.com][bytes ratio: -0.812 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 302.6/161.1 21144/21225 1960.2/1485.2][Pkt Len c2s/s2c min/avg/max/stddev: 67/61 148.6/916.4 1392/1392 207.3/580.7][PLAIN TEXT (mail.google.com)] + 2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Goodput ratio: 80.1/96.5][1.00 sec][Host: www.youtube.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51.8/25.7 803/828 182.6/134.1][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 211.0/1208.1 1392/1392 357.7/430.3][PLAIN TEXT (www.youtube.com)] + 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Goodput ratio: 95.4/95.6][0.10 sec][Host: www.youtube.com][bytes ratio: 0.125 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/20 33.0/10.0 52/20 13.5/10.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 920.5/954.3 1392/1392 538.2/619.0][PLAIN TEXT (www.youtube.com)] + 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Goodput ratio: 95.6/95.6][0.10 sec][Host: fonts.gstatic.com][bytes ratio: 0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/21 49.5/10.5 74/21 24.5/10.5][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 955.3/954.3 1392/1392 617.5/619.0][PLAIN TEXT (fonts.gstatic.com)] + 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Goodput ratio: 96.9/96.9][0.09 sec][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)] + 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Goodput ratio: 91.8/96.9][0.16 sec][Host: www.google.com][PLAIN TEXT (www.google.comO)] + 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Goodput ratio: 94.2/96.9][0.10 sec][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)] + 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Goodput ratio: 96.9/96.9][0.08 sec][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)] + 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes][Goodput ratio: 64.9/65.3][0.09 sec] Undetected flows: - 1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 799.8/0.0 1749/0 595.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 112/0 1178.7/0.0 1392/0 477.0/0.0] + 1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes][Goodput ratio: 96.4/0.0][4.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 799.8/0.0 1749/0 595.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 112/0 1178.7/0.0 1392/0 477.0/0.0] diff --git a/tests/result/quickplay.pcap.out b/tests/result/quickplay.pcap.out index 9464a3cd1..9b55bbd18 100644 --- a/tests/result/quickplay.pcap.out +++ b/tests/result/quickplay.pcap.out @@ -4,24 +4,24 @@ Facebook 6 1740 3 Google 2 378 1 Amazon 2 1469 1 - 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.220 (Download)][IAT c2s/s2c min/avg/max/stddev: 182/2021 3144.0/2861.7 23289/5776 4036.1/929.1][Pkt Len c2s/s2c min/avg/max/stddev: 500/76 511.5/933.3 587/1456 26.6/493.8][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-0020.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 1066/2163 7708.6/7600.5 23311/23043 9303.4/8905.3][Pkt Len c2s/s2c min/avg/max/stddev: 502/652 502.0/1143.5 502/1456 0.0/288.0][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0055.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2521/3055 13434.2/13893.5 23447/24732 10021.5/10838.5][Pkt Len c2s/s2c min/avg/max/stddev: 502/822 502.0/1174.0 502/1456 0.0/263.5][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0048.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.204 (Download)][IAT c2s/s2c min/avg/max/stddev: 2241/2426 9534.0/3315.0 23958/4204 10199.5/889.0][Pkt Len c2s/s2c min/avg/max/stddev: 502/128 502.0/1013.3 502/1456 0.0/626.0][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0052.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.063 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3284/3295 3390.3/3322.0 3535/3349 106.0/27.0][Pkt Len c2s/s2c min/avg/max/stddev: 502/188 502.0/758.7 502/1456 0.0/525.4][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0068.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)] - 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)] - 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0066.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-index.m3u8?e=1428999699][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] - 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Host: play-singtelhawk.quickplay.com][URL: play-singtelhawk.quickplay.com/vstb/playlist_5_6241_357.m3u8?action=145&appId=5006&carrierId=23&appVersion=1.0&contentId=6241&contentTypeId=3&deviceName=androidmobile&encodingId=357&drmId=4&drmVersion=1.5&delivery=5&prefLanguage=eng&webvtt=true&userid=091][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /vstb/playlist)] - 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Host: api.account.xiaomi.com][URL: api.account.xiaomi.com/pass/v2/safe/user/coreInfo?signature=u%2F73dEXBHbejev0ISNwnGyyfeTw%3D&userId=Mz5Xr5UXKuw83hxd6Yms2w%3D%3D][StatusCode: 200][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /pass/v)] - 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmsnssync][StatusCode: 0][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] - 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/getcontactlabellist][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] - 14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Host: hkminorshort.weixin.qq.com][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] - 15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/androidgcmreg][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] - 16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmbatchemojidownload][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] - 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; GT-I9505 Build/KOT49H)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] - 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/home?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 0][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)] - 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Host: clients3.google.com][URL: clients3.google.com/generate_204][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /generate)] + 1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Goodput ratio: 89.0/94.0][101.50 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.220 (Download)][IAT c2s/s2c min/avg/max/stddev: 182/2021 3144.0/2861.7 23289/5776 4036.1/929.1][Pkt Len c2s/s2c min/avg/max/stddev: 500/76 511.5/933.3 587/1456 26.6/493.8][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-0020.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Goodput ratio: 88.8/95.1][109.64 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 1066/2163 7708.6/7600.5 23311/23043 9303.4/8905.3][Pkt Len c2s/s2c min/avg/max/stddev: 502/652 502.0/1143.5 502/1456 0.0/288.0][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0055.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Goodput ratio: 88.8/95.2][53.74 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2521/3055 13434.2/13893.5 23447/24732 10021.5/10838.5][Pkt Len c2s/s2c min/avg/max/stddev: 502/822 502.0/1174.0 502/1456 0.0/263.5][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0048.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Goodput ratio: 88.8/94.4][28.60 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.204 (Download)][IAT c2s/s2c min/avg/max/stddev: 2241/2426 9534.0/3315.0 23958/4204 10199.5/889.0][Pkt Len c2s/s2c min/avg/max/stddev: 502/128 502.0/1013.3 502/1456 0.0/626.0][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0052.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Goodput ratio: 88.8/92.6][10.17 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.063 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3284/3295 3390.3/3322.0 3535/3349 106.0/27.0][Pkt Len c2s/s2c min/avg/max/stddev: 502/188 502.0/758.7 502/1456 0.0/525.4][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0068.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Goodput ratio: 86.6/96.0][9.29 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)] + 7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Goodput ratio: 84.6/95.7][9.24 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)] + 8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Goodput ratio: 88.8/95.4][27.01 sec][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0066.ts][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Goodput ratio: 89.3/95.1][2.46 sec][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-index.m3u8?e=1428999699][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)] + 10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Goodput ratio: 89.6/95.4][0.64 sec][Host: play-singtelhawk.quickplay.com][URL: play-singtelhawk.quickplay.com/vstb/playlist_5_6241_357.m3u8?action=145&appId=5006&carrierId=23&appVersion=1.0&contentId=6241&contentTypeId=3&deviceName=androidmobile&encodingId=357&drmId=4&drmVersion=1.5&delivery=5&prefLanguage=eng&webvtt=true&userid=091][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /vstb/playlist)] + 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Goodput ratio: 91.1/93.1][0.32 sec][Host: api.account.xiaomi.com][URL: api.account.xiaomi.com/pass/v2/safe/user/coreInfo?signature=u%2F73dEXBHbejev0ISNwnGyyfeTw%3D&userId=Mz5Xr5UXKuw83hxd6Yms2w%3D%3D][StatusCode: 200][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /pass/v)] + 12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Goodput ratio: 90.5/61.0][2.08 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmsnssync][StatusCode: 0][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] + 13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Goodput ratio: 87.7/78.4][2.81 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/getcontactlabellist][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] + 14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Goodput ratio: 91.6/78.3][0.14 sec][Host: hkminorshort.weixin.qq.com][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] + 15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Goodput ratio: 90.8/78.2][0.37 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/androidgcmreg][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] + 16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Goodput ratio: 85.0/78.2][0.34 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmbatchemojidownload][StatusCode: 200][ContentType: ][UserAgent: MicroMessenger Client][PLAIN TEXT (POST http)] + 17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Goodput ratio: 76.6/83.2][0.46 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Goodput ratio: 76.6/83.2][0.46 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Goodput ratio: 76.1/83.2][0.34 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; GT-I9505 Build/KOT49H)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)] + 20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Goodput ratio: 84.1/48.2][0.31 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/home?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 0][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)] + 21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Goodput ratio: 76.4/58.7][0.06 sec][Host: clients3.google.com][URL: clients3.google.com/generate_204][StatusCode: 204][ContentType: ][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /generate)] diff --git a/tests/result/rdp.pcap.out b/tests/result/rdp.pcap.out index eaa5caa71..f1277d91a 100644 --- a/tests/result/rdp.pcap.out +++ b/tests/result/rdp.pcap.out @@ -1,3 +1,3 @@ RDP 2010 622743 1 - 1 TCP 172.16.2.185:52494 <-> 192.168.2.142:3389 [proto: 88/RDP][cat: RemoteAccess/12][936 pkts/58890 bytes <-> 1074 pkts/563853 bytes][bytes ratio: -0.811 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.0/5.0 850/850 40.1/37.8][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 62.9/525.0 622/1317 44.3/511.5][PLAIN TEXT (192.168.2.142)] + 1 TCP 172.16.2.185:52494 <-> 192.168.2.142:3389 [proto: 88/RDP][cat: RemoteAccess/12][936 pkts/58890 bytes <-> 1074 pkts/563853 bytes][Goodput ratio: 30.0/91.6][7.55 sec][bytes ratio: -0.811 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.0/5.0 850/850 40.1/37.8][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 62.9/525.0 622/1317 44.3/511.5][PLAIN TEXT (192.168.2.142)] diff --git a/tests/result/rx.pcap.out b/tests/result/rx.pcap.out index 7cf104187..f51f77563 100644 --- a/tests/result/rx.pcap.out +++ b/tests/result/rx.pcap.out @@ -1,7 +1,7 @@ RX 132 26475 5 - 1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes][bytes ratio: 0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 508.7/12.8 19828/65 3093.7/17.6][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 141.8/179.6 510/782 116.8/122.6][PLAIN TEXT (UZ.SNS.IT)] - 2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/20 46.9/75.8 240/282 63.4/93.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/130 101.8/898.4 134/1118 15.3/410.8][PLAIN TEXT (root.cell)] - 3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 2519.9/4.2 19845/17 6548.8/5.3][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 208.5/105.7 510/198 182.6/34.4][PLAIN TEXT (UZ.SNS.IT)] - 4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes] - 5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes] + 1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes][Goodput ratio: 70.4/76.6][20.45 sec][bytes ratio: 0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 508.7/12.8 19828/65 3093.7/17.6][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 141.8/179.6 510/782 116.8/122.6][PLAIN TEXT (UZ.SNS.IT)] + 2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes][Goodput ratio: 58.7/95.3][0.72 sec][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/20 46.9/75.8 240/282 63.4/93.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/130 101.8/898.4 134/1118 15.3/410.8][PLAIN TEXT (root.cell)] + 3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes][Goodput ratio: 79.8/60.2][20.17 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 2519.9/4.2 19845/17 6548.8/5.3][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 208.5/105.7 510/198 182.6/34.4][PLAIN TEXT (UZ.SNS.IT)] + 4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][Goodput ratio: 80.8/45.6][0.01 sec] + 5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][Goodput ratio: 80.8/45.6][0.01 sec] diff --git a/tests/result/signal.pcap.out b/tests/result/signal.pcap.out index dd19a85d6..32651a1fe 100644 --- a/tests/result/signal.pcap.out +++ b/tests/result/signal.pcap.out @@ -11,22 +11,22 @@ JA3 Host Stats: 1 192.168.2.17 3 - 1 TCP 192.168.2.17:57027 <-> 13.35.253.42:443 [proto: 91.39/TLS.Signal][cat: Chat/9][170 pkts/206962 bytes <-> 95 pkts/9293 bytes][bytes ratio: 0.914 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1.8/3.4 39/47 6.0/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1217.4/97.8 1506/1506 547.8/174.6][TLSv1.2][Client: cdn.signal.org][JA3C: 6725ca90906e1036febcbfd464e2e326][Server: cdn.signal.org][JA3S: c4b2785a87896e19d37eee932070cb22][Organization: Open Whisper Systems][Certificate SHA-1: 81:3D:8A:2E:EE:B2:E1:F4:1C:2B:6D:20:16:54:B2:C1:87:D0:1E:12][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 12.7/19.6 112/114 34.8/41.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625.3/405.8 1506/1506 628.8/565.5][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.2.17:57022 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][24 pkts/2540 bytes <-> 21 pkts/12673 bytes][bytes ratio: -0.666 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16.9/14.0 124/83 34.8/27.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/603.5 583/1506 104.9/573.8][TLSv1.3][Client: itunes.apple.com][JA3C: 17305a56a62a10f6b0ee8edcc3b1769c][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384] - 4 TCP 192.168.2.17:57018 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][25 pkts/2582 bytes <-> 20 pkts/12000 bytes][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7.4/9.7 47/52 16.2/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103.3/600.0 583/1506 103.5/587.8][TLSv1.3][Client: itunes.apple.com][JA3C: 17305a56a62a10f6b0ee8edcc3b1769c][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384] - 5 TCP 192.168.2.17:49227 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][13 pkts/1808 bytes <-> 12 pkts/4355 bytes][bytes ratio: -0.413 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 62.1/293.1 115/2199 52.5/677.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139.1/362.9 502/1506 119.5/470.7][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.2.17:57024 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2054 bytes <-> 11 pkts/3775 bytes][bytes ratio: -0.295 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.9/59.0 167/186 54.6/77.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.9/343.2 583/1506 133.5/472.0][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP 192.168.2.17:57021 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2108 bytes <-> 10 pkts/3709 bytes][bytes ratio: -0.275 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1019.6/49.6 13018/120 3463.9/56.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131.8/370.9 583/1506 130.8/486.5][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP 192.168.2.17:57020 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2103 bytes <-> 11 pkts/3562 bytes][bytes ratio: -0.258 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1019.4/44.5 13011/122 3461.9/56.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131.4/323.8 583/1506 130.5/472.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 TCP 192.168.2.17:57019 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2095 bytes <-> 11 pkts/3527 bytes][bytes ratio: -0.255 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1020.2/43.2 13026/120 3466.0/54.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 130.9/320.6 583/1506 129.9/473.1][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 10 TCP 192.168.2.17:57023 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2049 bytes <-> 11 pkts/3562 bytes][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.0/58.0 168/181 54.2/76.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.6/323.8 583/1506 133.1/472.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 11 TCP 192.168.2.17:57025 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2041 bytes <-> 11 pkts/3527 bytes][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.8/58.4 166/184 54.4/76.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.1/320.6 583/1506 132.6/473.1][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 12 TCP 192.168.2.17:49226 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][13 pkts/1688 bytes <-> 11 pkts/3569 bytes][bytes ratio: -0.358 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58.4/57.4 113/154 53.2/65.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 129.8/324.5 502/1506 120.2/473.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 13 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: lucas-imac][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46] - 14 TCP 23.57.24.16:443 <-> 192.168.2.17:57016 [proto: 91/TLS][cat: Web/5][6 pkts/408 bytes <-> 6 pkts/471 bytes][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/16 158.5/4.0 347/16 156.8/6.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 68.0/78.5 90/105 16.1/14.7] - 15 TCP 192.168.2.17:56996 <-> 17.248.146.144:443 [proto: 91.140/TLS.Apple][cat: Web/5][4 pkts/341 bytes <-> 4 pkts/264 bytes][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/0 8.3/0.0 25/0 11.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.2/66.0 112/66 20.0/0.0] - 16 TCP 192.168.2.17:57017 <-> 2.18.232.118:443 [proto: 91/TLS][cat: Web/5][5 pkts/317 bytes <-> 3 pkts/221 bytes][bytes ratio: 0.178 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.0/0.0 24/0 10.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 63.4/73.7 89/89 13.6/10.8] - 17 UDP 192.168.2.17:56263 <-> 192.168.2.1:53 [proto: 5.39/DNS.Signal][cat: Chat/9][1 pkts/97 bytes <-> 1 pkts/193 bytes][Host: textsecure-service.whispersystems.org][PLAIN TEXT (textsecure)] - 18 UDP 192.168.2.17:60793 <-> 192.168.2.1:53 [proto: 5/DNS][cat: Media/1][1 pkts/85 bytes <-> 1 pkts/101 bytes][Host: e673.dsce9.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 19 ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.2.17:57027 <-> 13.35.253.42:443 [proto: 91.39/TLS.Signal][cat: Chat/9][170 pkts/206962 bytes <-> 95 pkts/9293 bytes][Goodput ratio: 94.6/32.3][0.48 sec][bytes ratio: 0.914 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1.8/3.4 39/47 6.0/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1217.4/97.8 1506/1506 547.8/174.6][TLSv1.2][Client: cdn.signal.org][JA3C: 6725ca90906e1036febcbfd464e2e326][Server: cdn.signal.org][JA3S: c4b2785a87896e19d37eee932070cb22][Organization: Open Whisper Systems][Certificate SHA-1: 81:3D:8A:2E:EE:B2:E1:F4:1C:2B:6D:20:16:54:B2:C1:87:D0:1E:12][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][Goodput ratio: 89.4/83.6][0.57 sec][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 12.7/19.6 112/114 34.8/41.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625.3/405.8 1506/1506 628.8/565.5][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.2.17:57022 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][24 pkts/2540 bytes <-> 21 pkts/12673 bytes][Goodput ratio: 37.6/89.0][0.40 sec][bytes ratio: -0.666 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16.9/14.0 124/83 34.8/27.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/603.5 583/1506 104.9/573.8][TLSv1.3][Client: itunes.apple.com][JA3C: 17305a56a62a10f6b0ee8edcc3b1769c][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384] + 4 TCP 192.168.2.17:57018 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][25 pkts/2582 bytes <-> 20 pkts/12000 bytes][Goodput ratio: 37.0/88.9][0.24 sec][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7.4/9.7 47/52 16.2/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103.3/600.0 583/1506 103.5/587.8][TLSv1.3][Client: itunes.apple.com][JA3C: 17305a56a62a10f6b0ee8edcc3b1769c][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384] + 5 TCP 192.168.2.17:49227 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][13 pkts/1808 bytes <-> 12 pkts/4355 bytes][Goodput ratio: 51.9/81.6][3.03 sec][bytes ratio: -0.413 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 62.1/293.1 115/2199 52.5/677.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139.1/362.9 502/1506 119.5/470.7][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.2.17:57024 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2054 bytes <-> 11 pkts/3775 bytes][Goodput ratio: 51.2/80.5][0.59 sec][bytes ratio: -0.295 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.9/59.0 167/186 54.6/77.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.9/343.2 583/1506 133.5/472.0][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP 192.168.2.17:57021 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2108 bytes <-> 10 pkts/3709 bytes][Goodput ratio: 49.9/82.0][13.48 sec][bytes ratio: -0.275 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1019.6/49.6 13018/120 3463.9/56.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131.8/370.9 583/1506 130.8/486.5][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP 192.168.2.17:57020 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2103 bytes <-> 11 pkts/3562 bytes][Goodput ratio: 49.8/79.4][13.49 sec][bytes ratio: -0.258 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1019.4/44.5 13011/122 3461.9/56.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131.4/323.8 583/1506 130.5/472.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 TCP 192.168.2.17:57019 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2095 bytes <-> 11 pkts/3527 bytes][Goodput ratio: 49.6/79.2][13.49 sec][bytes ratio: -0.255 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1020.2/43.2 13026/120 3466.0/54.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 130.9/320.6 583/1506 129.9/473.1][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 10 TCP 192.168.2.17:57023 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2049 bytes <-> 11 pkts/3562 bytes][Goodput ratio: 51.1/79.4][0.58 sec][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.0/58.0 168/181 54.2/76.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.6/323.8 583/1506 133.1/472.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 11 TCP 192.168.2.17:57025 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2041 bytes <-> 11 pkts/3527 bytes][Goodput ratio: 50.9/79.2][0.58 sec][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.8/58.4 166/184 54.4/76.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.1/320.6 583/1506 132.6/473.1][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 12 TCP 192.168.2.17:49226 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][13 pkts/1688 bytes <-> 11 pkts/3569 bytes][Goodput ratio: 48.4/79.4][9.90 sec][bytes ratio: -0.358 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58.4/57.4 113/154 53.2/65.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 129.8/324.5 502/1506 120.2/473.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 13 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.7/0.0][15.76 sec][Host: lucas-imac][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46] + 14 TCP 23.57.24.16:443 <-> 192.168.2.17:57016 [proto: 91/TLS][cat: Web/5][6 pkts/408 bytes <-> 6 pkts/471 bytes][Goodput ratio: 11.7/13.3][0.65 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/16 158.5/4.0 347/16 156.8/6.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 68.0/78.5 90/105 16.1/14.7] + 15 TCP 192.168.2.17:56996 <-> 17.248.146.144:443 [proto: 91.140/TLS.Apple][cat: Web/5][4 pkts/341 bytes <-> 4 pkts/264 bytes][Goodput ratio: 22.5/0.0][0.03 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/0 8.3/0.0 25/0 11.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.2/66.0 112/66 20.0/0.0] + 16 TCP 192.168.2.17:57017 <-> 2.18.232.118:443 [proto: 91/TLS][cat: Web/5][5 pkts/317 bytes <-> 3 pkts/221 bytes][Goodput ratio: 7.2/10.4][0.03 sec][bytes ratio: 0.178 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.0/0.0 24/0 10.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 63.4/73.7 89/89 13.6/10.8] + 17 UDP 192.168.2.17:56263 <-> 192.168.2.1:53 [proto: 5.39/DNS.Signal][cat: Chat/9][1 pkts/97 bytes <-> 1 pkts/193 bytes][Goodput ratio: 56.1/77.8][0.03 sec][Host: textsecure-service.whispersystems.org][PLAIN TEXT (textsecure)] + 18 UDP 192.168.2.17:60793 <-> 192.168.2.1:53 [proto: 5/DNS][cat: Media/1][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50.0/57.8][0.04 sec][Host: e673.dsce9.akamaiedge.net][PLAIN TEXT (akamaiedge)] + 19 ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] diff --git a/tests/result/sip.pcap.out b/tests/result/sip.pcap.out index c71558932..c6bddc388 100644 --- a/tests/result/sip.pcap.out +++ b/tests/result/sip.pcap.out @@ -2,7 +2,7 @@ RTP 9 1926 1 SIP 102 47087 2 RTCP 1 146 1 - 1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][53 pkts/21940 bytes <-> 31 pkts/15635 bytes][bytes ratio: 0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 158/13 25540.8/22025.7 150200/89874 25265.4/23488.8][Pkt Len c2s/s2c min/avg/max/stddev: 47/342 414.0/504.4 1118/711 343.3/85.4][PLAIN TEXT (REGISTER sip)] - 2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][15 pkts/7568 bytes <-> 3 pkts/1944 bytes][bytes ratio: 0.591 (Upload)][IAT c2s/s2c min/avg/max/stddev: 507/34556 4745.9/34556.0 32608/34556 8187.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 389/637 504.5/648.0 864/656 179.9/8.0][PLAIN TEXT (INVITE sip)] - 3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][9 pkts/1926 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 19.8/0.0 69/0 23.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214.0/0.0 214/0 0.0/0.0][PLAIN TEXT (VRUDKBuYs)] - 4 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 165/RTCP][cat: VoIP/10][1 pkts/146 bytes -> 0 pkts/0 bytes][PLAIN TEXT (11894297)] + 1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][53 pkts/21940 bytes <-> 31 pkts/15635 bytes][Goodput ratio: 89.9/91.7][1521.57 sec][bytes ratio: 0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 158/13 25540.8/22025.7 150200/89874 25265.4/23488.8][Pkt Len c2s/s2c min/avg/max/stddev: 47/342 414.0/504.4 1118/711 343.3/85.4][PLAIN TEXT (REGISTER sip)] + 2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][15 pkts/7568 bytes <-> 3 pkts/1944 bytes][Goodput ratio: 91.7/93.5][67.09 sec][bytes ratio: 0.591 (Upload)][IAT c2s/s2c min/avg/max/stddev: 507/34556 4745.9/34556.0 32608/34556 8187.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 389/637 504.5/648.0 864/656 179.9/8.0][PLAIN TEXT (INVITE sip)] + 3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][9 pkts/1926 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][0.16 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 19.8/0.0 69/0 23.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214.0/0.0 214/0 0.0/0.0][PLAIN TEXT (VRUDKBuYs)] + 4 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 165/RTCP][cat: VoIP/10][1 pkts/146 bytes -> 0 pkts/0 bytes][Goodput ratio: 70.7/0.0][< 1 sec][PLAIN TEXT (11894297)] diff --git a/tests/result/skype-conference-call.pcap.out b/tests/result/skype-conference-call.pcap.out index 524613932..c3121d3dc 100644 --- a/tests/result/skype-conference-call.pcap.out +++ b/tests/result/skype-conference-call.pcap.out @@ -1,3 +1,3 @@ SkypeCall 200 39687 1 - 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 78.38/STUN.SkypeCall][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes][bytes ratio: 0.252 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.0/8.2 147/120 22.4/26.7][Pkt Len c2s/s2c min/avg/max/stddev: 74/77 186.8/221.5 957/957 244.4/233.0][PLAIN TEXT (vRKSoR)] + 1 UDP 192.168.2.20:49282 <-> 104.46.40.49:60642 [proto: 78.38/STUN.SkypeCall][cat: VoIP/10][133 pkts/24845 bytes <-> 67 pkts/14842 bytes][Goodput ratio: 77.5/81.0][1.50 sec][bytes ratio: 0.252 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.0/8.2 147/120 22.4/26.7][Pkt Len c2s/s2c min/avg/max/stddev: 74/77 186.8/221.5 957/957 244.4/233.0][PLAIN TEXT (vRKSoR)] diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out index 4ee4a9589..45d402e2a 100644 --- a/tests/result/skype.pcap.out +++ b/tests/result/skype.pcap.out @@ -19,299 +19,299 @@ JA3 Host Stats: 1 192.168.1.34 2 - 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.125/TLS.Skype][cat: Web/5][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][bytes ratio: -0.571 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1002.2/607.6 30166/30261 4602.0/3438.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 227.5/777.8 1506/1506 423.1/552.7][TLSv1][JA3C: 06207a1730b5deeb207b0556e102ded2][Server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Certificate SHA-1: 95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51][Validity: 2014-10-27 22:51:07 - 2016-10-26 22:51:07][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes][bytes ratio: -0.268 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 448.5/356.9 8300/8646 1135.8/1099.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 260.7/433.2 1506/1506 342.9/569.4][PLAIN TEXT ( 0sKWL)] - 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1135.8/0.0 19950/0 4578.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 327/0 373.2/0.0 405/0 28.8/0.0][PLAIN TEXT (NOTIFY )] - 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][bytes ratio: -0.050 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 114.6/85.0 899/1012 249.9/251.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 224.1/247.7 680/1494 261.3/323.6][TLSv1.2][Client: p05-keyvalueservice.icloud.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 5 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 508.0/0.0 3090/0 1136.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 475/0 520.1/0.0 555/0 30.8/0.0][PLAIN TEXT (NOTIFY )] - 6 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/TLS.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 141/2 23483.2/23483.3 53811/53950 23772.7/23909.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 204.5/543.0 343/1020 138.5/477.0] - 7 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes][bytes ratio: 0.856 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2304.5/21.5 5155/43 2241.1/21.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 299.2/93.0 398/172 147.0/45.9] - 8 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][bytes ratio: 0.960 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4362.3/0.0 8437/0 3866.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 212.1/74.0 257/74 81.1/0.0][TLSv1][Client: apps.skypeassets.com][JA3C: 799135475da362592a4be9199d258726] - 9 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][bytes ratio: 0.958 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3492.5/0.0 6700/0 2904.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 216.3/74.0 251/74 72.3/0.0][TLSv1][Client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] - 10 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30053/0 30073.4/0.0 30087/0 11.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 544/0 544.0/0.0 544/0 0.0/0.0][PLAIN TEXT ( 1573195445)] - 11 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30053/0 30073.8/0.0 30087/0 12.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 544/0 544.0/0.0 544/0 0.0/0.0][PLAIN TEXT ( 1573195445)] - 12 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 13 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 14 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][bytes ratio: 0.829 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1686.5/0.0 6249/0 2226.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 178.3/66.7 233/74 77.4/5.7][TLSv1][Client: apps.skype.com] - 15 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes][bytes ratio: 0.290 (Upload)][IAT c2s/s2c min/avg/max/stddev: 228/1 16680.0/16680.0 43974/44201 18098.6/18356.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201.8/111.0 471/156 151.4/45.0] - 16 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes][bytes ratio: 0.772 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/73 2359.7/73.0 8785/73 2805.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 119.5/66.7 138/74 27.3/5.7] - 17 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/66 2027.6/66.0 7535/66 2315.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 107.1/66.7 138/74 21.3/5.7] - 18 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1305 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.642 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 1416.3/77.0 5596/77 1925.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 108.8/95.0 138/145 30.7/35.5] - 19 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.553 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/144 2461.8/3596.5 14821/7049 4469.8/3452.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 110.7/87.8 138/145 34.2/33.2] - 20 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.628 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/72 1413.6/72.0 4128/72 1485.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 104.1/95.0 138/145 27.8/35.5] - 21 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes][bytes ratio: 0.260 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 2790.0/4672.2 15237/15319 4910.4/5535.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 86.8/62.3 381/75 93.3/4.9] - 22 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes][bytes ratio: 0.679 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/124 1296.3/124.0 4572/124 1446.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/81.0 138/103 28.8/15.9] - 23 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes][bytes ratio: 0.627 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/124 1280.5/124.0 4315/124 1403.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 100.6/92.3 138/137 25.7/31.8] - 24 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/TLS][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes][bytes ratio: 0.682 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/128 1424.0/128.0 6319/128 1854.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 101.8/77.0 138/91 26.4/10.4] - 25 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes][bytes ratio: 0.502 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 2230.2/36.0 8404/71 2519.3/35.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.4/89.8 141/159 18.0/40.3] - 26 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes][bytes ratio: 0.416 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1603.1/65.5 5463/131 1891.1/65.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.5/105.2 172/163 27.7/38.8] - 27 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes][bytes ratio: 0.631 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/126 1349.7/126.0 5288/126 1597.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 95.9/86.7 138/120 23.3/23.8] - 28 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.499 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/148 2389.8/3555.5 14149/6963 4258.2/3407.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 95.5/87.8 138/145 24.3/33.2] - 29 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes][bytes ratio: 0.443 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 1603.2/66.5 5454/128 1889.8/61.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.7/97.5 162/138 25.1/29.1] - 30 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes][bytes ratio: 0.550 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2269.8/41.0 8492/76 2559.2/35.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.5/78.8 143/115 18.5/21.5] - 31 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/TLS][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes][bytes ratio: 0.640 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/130 1176.7/130.0 4498/130 1453.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103.6/83.3 138/110 29.2/19.1] - 32 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes][bytes ratio: 0.406 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 1595.5/66.0 5396/130 1974.0/64.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.0/103.0 127/146 16.2/33.9] - 33 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/TLS][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes][bytes ratio: 0.709 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/66 2170.5/66.0 8161/66 2541.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 90.5/66.7 138/74 16.7/5.7] - 34 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes][bytes ratio: 0.459 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1516.8/38.5 5471/77 1773.9/38.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.9/92.8 152/157 22.5/37.2] - 35 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1750.5/71.0 5966/142 2162.6/71.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.2/96.0 129/125 16.7/26.2] - 36 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes][bytes ratio: 0.387 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 2652.3/2383.0 13157/7000 3964.6/3265.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.3/83.0 166/135 27.2/26.2] - 37 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes][bytes ratio: 0.468 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2080.9/67.0 5842/128 2142.2/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.4/90.0 145/146 20.7/32.5] - 38 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes][bytes ratio: 0.590 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/129 1406.8/129.0 6102/129 1797.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 89.5/92.3 138/137 20.7/31.8] - 39 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes][bytes ratio: 0.634 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/133 1364.4/133.0 5509/133 1647.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91.8/82.3 138/107 21.5/17.7] - 40 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes][bytes ratio: 0.649 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/126 1311.5/126.0 4764/126 1485.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 92.4/78.7 138/96 21.7/12.7] - 41 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes][bytes ratio: 0.501 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2789.4/64.0 14182/123 4002.0/59.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.2/83.5 136/134 17.4/29.6] - 42 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes][bytes ratio: 0.617 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/211 1607.9/211.0 4614/211 1688.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 97.6/84.7 138/114 25.5/21.0] - 43 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes][bytes ratio: 0.522 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2859.4/65.5 14565/131 4102.2/65.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.7/79.2 142/117 18.9/22.4] - 44 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes][bytes ratio: 0.644 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/129 1323.9/129.0 4948/129 1521.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90.7/78.7 138/96 21.1/12.7] - 45 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes][bytes ratio: 0.508 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2831.6/65.0 14348/124 4046.3/59.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 76.1/80.8 121/123 13.5/24.9] - 46 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/TLS][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.465 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/128 2019.1/1896.0 10839/3664 3283.8/1768.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87.3/87.8 138/145 21.0/33.2] - 47 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2831.3/105.5 12195/206 3629.4/100.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 80.8/84.2 175/137 28.7/30.9] - 48 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes][bytes ratio: 0.591 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/127 1331.9/127.0 6326/127 1843.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 86.6/89.0 138/127 19.9/27.1] - 49 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes][bytes ratio: 0.378 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 2605.1/2274.3 12714/6673 3839.5/3110.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.9/81.2 125/126 16.3/22.7] - 50 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.557 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/299 1709.2/299.0 4196/299 1640.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 100.2/95.0 138/145 28.9/35.5] - 51 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes][bytes ratio: 0.308 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2110.9/517.3 6939/1415 2450.6/636.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.0/88.4 136/162 20.0/37.0] - 52 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 2769.4/2594.0 13054/7485 4056.4/3460.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.5/85.8 141/149 21.4/31.8] - 53 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes][bytes ratio: 0.579 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/146 1648.0/146.0 7365/146 2216.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 90.8/66.5 138/74 18.2/5.0] - 54 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes][bytes ratio: 0.635 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/128 1378.8/128.0 5639/128 1681.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 86.0/76.7 138/90 19.8/10.0] - 55 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2765.0/2512.0 13013/7241 4050.9/3346.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.7/79.2 166/116 28.3/18.7] - 56 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2800.3/2554.7 13330/7366 4127.6/3404.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.5/83.2 120/136 15.7/26.6] - 57 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 1952.1/64.5 5189/127 2093.3/62.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.6/96.5 143/172 21.9/43.7] - 58 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes][bytes ratio: 0.356 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1158.2/147.5 4662/295 1409.0/147.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.7/97.5 122/128 16.3/27.7] - 59 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.419 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/314 3464.1/3681.5 14258/7049 4499.3/3367.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 85.7/87.8 138/145 21.7/33.2] - 60 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.503 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/263 850.3/263.0 2602/263 907.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 95.8/95.0 138/145 28.1/35.5] - 61 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes][bytes ratio: 0.573 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/295 926.0/295.0 3053/295 1023.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87.2/79.0 138/97 22.1/13.1] - 62 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/295 1918.4/295.0 4327/295 1631.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91.3/95.0 138/145 25.3/35.5] - 63 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes][PLAIN TEXT (afpovertc)] - 64 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes][PLAIN TEXT (afpovertc)] - 65 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes][bytes ratio: 0.085 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/63 1107.2/1825.3 3027/3063 1309.1/1279.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 69.5/88.0 123/166 25.5/45.1] - 66 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 253/0 4948.1/0.0 31039/0 10655.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82.0/0.0 82/0 0.0/0.0] - 67 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4408.7/0.0 9094/0 3390.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 93/0 93.0/0.0 93/0 0.0/0.0][PLAIN TEXT (config)] - 68 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4408.8/0.0 9094/0 3390.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 93/0 93.0/0.0 93/0 0.0/0.0][PLAIN TEXT (config)] - 69 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1001/0 10064.6/0.0 27100/0 10268.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 72/0 72.0/0.0 72/0 0.0/0.0] - 70 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1098/0 7643.0/0.0 27099/0 8538.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] - 71 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1098/0 7643.0/0.0 27099/0 8538.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] - 72 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1051/0 4397.5/0.0 9075/0 3396.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 73 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1040/0 4388.0/0.0 9099/0 3402.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] - 74 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1083/0 4405.8/0.0 9093/0 3395.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 75 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1040/0 4388.0/0.0 9099/0 3402.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] - 76 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1051/0 4397.5/0.0 9075/0 3396.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 77 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1083/0 4405.8/0.0 9093/0 3395.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 78 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1055/0 4389.0/0.0 9029/0 3377.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 79 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1055/0 4389.0/0.0 9029/0 3377.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 80 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4399.0/0.0 9084/0 3382.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] - 81 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1007/0 4374.0/0.0 9080/0 3405.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] - 82 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1007/0 4373.8/0.0 9080/0 3405.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] - 83 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4399.0/0.0 9084/0 3382.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] - 84 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/TLS][cat: Web/5][8 pkts/608 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1001/0 1573.6/0.0 4002/0 1049.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 76.0/0.0 78/0 5.3/0.0] - 85 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/64 1662.8/2751.3 6736/6736 2591.0/2874.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.8/61.5 78/66 8.8/2.6] - 86 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4403.0/0.0 9097/0 3414.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 87 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1060/0 4384.5/0.0 9098/0 3397.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 88 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1060/0 4384.3/0.0 9098/0 3396.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 89 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4403.0/0.0 9097/0 3414.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 90 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1006/0 4409.0/0.0 9093/0 3412.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 76/0 76.0/0.0 76/0 0.0/0.0] - 91 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1006/0 4409.2/0.0 9093/0 3412.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 76/0 76.0/0.0 76/0 0.0/0.0] - 92 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4424.5/0.0 9093/0 3397.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] - 93 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1087/0 4424.0/0.0 9094/0 3398.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] - 94 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/297 bytes <-> 3 pkts/186 bytes][bytes ratio: 0.230 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/43 24.5/43.0 49/43 24.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 99.0/62.0 165/66 47.7/2.8] - 95 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][5 pkts/430 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] - 96 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][bytes ratio: 0.013 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/43 21.0/43.0 42/43 21.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63.7/62.0 78/66 10.3/2.8] - 97 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com] - 98 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 99 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 100 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 101 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 102 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 103 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 104 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)] - 105 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net][PLAIN TEXT (valueservice)] - 106 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] - 107 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 108 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 109 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 110 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 111 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 229 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 230 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 231 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 237 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 238 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 239 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 240 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 241 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 242 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 243 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 244 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 245 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 246 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 247 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 248 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 249 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 250 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 251 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 252 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 253 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 254 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 255 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 256 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:50028 <-> 157.56.126.211:443 [proto: 91.125/TLS.Skype][cat: Web/5][187 pkts/42539 bytes <-> 200 pkts/155551 bytes][Goodput ratio: 71.0/91.5][166.18 sec][bytes ratio: -0.571 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1002.2/607.6 30166/30261 4602.0/3438.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 227.5/777.8 1506/1506 423.1/552.7][TLSv1][JA3C: 06207a1730b5deeb207b0556e102ded2][Server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Certificate SHA-1: 95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51][Validity: 2014-10-27 22:51:07 - 2016-10-26 22:51:07][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 192.168.1.34:50108 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][231 pkts/60232 bytes <-> 241 pkts/104395 bytes][Goodput ratio: 74.7/84.8][96.43 sec][bytes ratio: -0.268 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 448.5/356.9 8300/8646 1135.8/1099.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 260.7/433.2 1506/1506 342.9/569.4][PLAIN TEXT ( 0sKWL)] + 3 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][79 pkts/29479 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.7/0.0][160.13 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1135.8/0.0 19950/0 4578.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 327/0 373.2/0.0 405/0 28.8/0.0][PLAIN TEXT (NOTIFY )] + 4 TCP 192.168.1.34:50128 <-> 17.172.100.36:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][43 pkts/9635 bytes <-> 43 pkts/10651 bytes][Goodput ratio: 75.6/77.3][46.31 sec][bytes ratio: -0.050 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 114.6/85.0 899/1012 249.9/251.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 224.1/247.7 680/1494 261.3/323.6][TLSv1.2][Client: p05-keyvalueservice.icloud.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 5 UDP 192.168.1.92:50084 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/7281 bytes -> 0 pkts/0 bytes][Goodput ratio: 91.9/0.0][6.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 508.0/0.0 3090/0 1136.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 475/0 520.1/0.0 555/0 30.8/0.0][PLAIN TEXT (NOTIFY )] + 6 TCP 108.160.170.46:443 <-> 192.168.1.34:49445 [proto: 91.121/TLS.Dropbox][cat: Cloud/13][8 pkts/1636 bytes <-> 8 pkts/4344 bytes][Goodput ratio: 67.7/87.8][141.04 sec][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 141/2 23483.2/23483.3 53811/53950 23772.7/23909.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 204.5/543.0 343/1020 138.5/477.0] + 7 TCP 192.168.1.34:50126 <-> 91.190.216.23:12350 [proto: 125/Skype][cat: VoIP/10][16 pkts/4788 bytes <-> 4 pkts/372 bytes][Goodput ratio: 77.7/28.4][32.96 sec][bytes ratio: 0.856 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2304.5/21.5 5155/43 2241.1/21.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 299.2/93.0 398/172 147.0/45.9] + 8 TCP 192.168.1.34:50027 <-> 23.223.73.34:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][17 pkts/3605 bytes <-> 1 pkts/74 bytes][Goodput ratio: 68.9/0.0][69.74 sec][bytes ratio: 0.960 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4362.3/0.0 8437/0 3866.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 212.1/74.0 257/74 81.1/0.0][TLSv1][Client: apps.skypeassets.com][JA3C: 799135475da362592a4be9199d258726] + 9 TCP 192.168.1.34:50029 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][Goodput ratio: 69.5/0.0][55.58 sec][bytes ratio: 0.958 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3492.5/0.0 6700/0 2904.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 216.3/74.0 251/74 72.3/0.0][TLSv1][Client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] + 10 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][150.37 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30053/0 30073.4/0.0 30087/0 11.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 544/0 544.0/0.0 544/0 0.0/0.0][PLAIN TEXT ( 1573195445)] + 11 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/3264 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.3/0.0][150.37 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30053/0 30073.8/0.0 30087/0 12.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 544/0 544.0/0.0 544/0 0.0/0.0][PLAIN TEXT ( 1573195445)] + 12 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][120.16 sec][PLAIN TEXT ( 3375359593)] + 13 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][5 pkts/2720 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][120.15 sec][PLAIN TEXT ( 3375359593)] + 14 TCP 192.168.1.34:50090 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/2140 bytes <-> 3 pkts/200 bytes][Goodput ratio: 62.4/0.0][20.12 sec][bytes ratio: 0.829 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1686.5/0.0 6249/0 2226.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 178.3/66.7 233/74 77.4/5.7][TLSv1][Client: apps.skype.com] + 15 TCP 17.143.160.22:5223 <-> 192.168.1.34:49447 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/1211 bytes <-> 6 pkts/666 bytes][Goodput ratio: 67.2/40.5][66.95 sec][bytes ratio: 0.290 (Upload)][IAT c2s/s2c min/avg/max/stddev: 228/1 16680.0/16680.0 43974/44201 18098.6/18356.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201.8/111.0 471/156 151.4/45.0] + 16 TCP 192.168.1.34:50091 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1554 bytes <-> 3 pkts/200 bytes][Goodput ratio: 44.0/0.0][29.28 sec][bytes ratio: 0.772 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/73 2359.7/73.0 8785/73 2805.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 119.5/66.7 138/74 27.3/5.7] + 17 TCP 192.168.1.34:50039 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][13 pkts/1392 bytes <-> 3 pkts/200 bytes][Goodput ratio: 37.5/0.0][25.19 sec][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/66 2027.6/66.0 7535/66 2315.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 107.1/66.7 138/74 21.3/5.7] + 18 TCP 192.168.1.34:50101 <-> 157.55.235.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1305 bytes <-> 3 pkts/285 bytes][Goodput ratio: 39.3/27.6][17.34 sec][bytes ratio: 0.642 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 1416.3/77.0 5596/77 1925.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 108.8/95.0 138/145 30.7/35.5] + 19 TCP 192.168.1.34:50037 <-> 157.55.56.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1218 bytes <-> 4 pkts/351 bytes][Goodput ratio: 40.4/22.4][28.33 sec][bytes ratio: 0.553 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/144 2461.8/3596.5 14821/7049 4469.8/3452.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 110.7/87.8 138/145 34.2/33.2] + 20 TCP 192.168.1.34:50080 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/285 bytes][Goodput ratio: 36.6/27.6][17.15 sec][bytes ratio: 0.628 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/72 1413.6/72.0 4128/72 1485.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 104.1/95.0 138/145 27.8/35.5] + 21 TCP 192.168.1.34:50111 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/955 bytes <-> 9 pkts/561 bytes][Goodput ratio: 35.3/5.5][31.00 sec][bytes ratio: 0.260 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 2790.0/4672.2 15237/15319 4910.4/5535.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 86.8/62.3 381/75 93.3/4.9] + 22 TCP 192.168.1.34:50081 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1270 bytes <-> 3 pkts/243 bytes][Goodput ratio: 37.6/15.2][18.12 sec][bytes ratio: 0.679 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/124 1296.3/124.0 4572/124 1446.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/81.0 138/103 28.8/15.9] + 23 TCP 192.168.1.34:50072 <-> 157.55.130.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1207 bytes <-> 3 pkts/277 bytes][Goodput ratio: 34.4/25.5][17.90 sec][bytes ratio: 0.627 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/124 1280.5/124.0 4315/124 1403.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 100.6/92.3 138/137 25.7/31.8] + 24 TCP 192.168.1.34:50066 <-> 65.55.223.12:443 [proto: 91/TLS][cat: Web/5][12 pkts/1221 bytes <-> 3 pkts/231 bytes][Goodput ratio: 35.1/10.8][19.92 sec][bytes ratio: 0.682 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/128 1424.0/128.0 6319/128 1854.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 101.8/77.0 138/91 26.4/10.4] + 25 TCP 192.168.1.34:50076 <-> 157.55.235.156:40014 [proto: 125/Skype][cat: VoIP/10][14 pkts/1083 bytes <-> 4 pkts/359 bytes][Goodput ratio: 13.6/25.8][27.76 sec][bytes ratio: 0.502 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 2230.2/36.0 8404/71 2519.3/35.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.4/89.8 141/159 18.0/40.3] + 26 TCP 192.168.1.34:50054 <-> 157.55.130.153:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1020 bytes <-> 4 pkts/421 bytes][Goodput ratio: 15.9/35.3][19.16 sec][bytes ratio: 0.416 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1603.1/65.5 5463/131 1891.1/65.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.5/105.2 172/163 27.7/38.8] + 27 TCP 192.168.1.34:50045 <-> 157.55.130.167:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1151 bytes <-> 3 pkts/260 bytes][Goodput ratio: 31.2/20.7][18.87 sec][bytes ratio: 0.631 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/126 1349.7/126.0 5288/126 1597.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 95.9/86.7 138/120 23.3/23.8] + 28 TCP 192.168.1.34:50069 <-> 157.55.56.160:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1050 bytes <-> 4 pkts/351 bytes][Goodput ratio: 30.8/22.4][27.57 sec][bytes ratio: 0.499 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/148 2389.8/3555.5 14149/6963 4258.2/3407.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 95.5/87.8 138/145 24.3/33.2] + 29 TCP 192.168.1.34:50034 <-> 157.55.130.140:40033 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/390 bytes][Goodput ratio: 15.0/30.2][19.16 sec][bytes ratio: 0.443 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 1603.2/66.5 5454/128 1889.8/61.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.7/97.5 162/138 25.1/29.1] + 30 TCP 192.168.1.34:50088 <-> 157.55.235.146:33033 [proto: 125/Skype][cat: VoIP/10][14 pkts/1085 bytes <-> 4 pkts/315 bytes][Goodput ratio: 13.7/15.5][28.25 sec][bytes ratio: 0.550 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2269.8/41.0 8492/76 2559.2/35.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.5/78.8 143/115 18.5/21.5] + 31 TCP 192.168.1.34:50102 <-> 65.55.223.15:443 [proto: 91/TLS][cat: Web/5][11 pkts/1140 bytes <-> 3 pkts/250 bytes][Goodput ratio: 36.3/17.5][11.63 sec][bytes ratio: 0.640 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/130 1176.7/130.0 4498/130 1453.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103.6/83.3 138/110 29.2/19.1] + 32 TCP 192.168.1.34:50092 <-> 157.55.130.155:40020 [proto: 125/Skype][cat: VoIP/10][13 pkts/975 bytes <-> 4 pkts/412 bytes][Goodput ratio: 12.0/33.9][19.05 sec][bytes ratio: 0.406 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 1595.5/66.0 5396/130 1974.0/64.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.0/103.0 127/146 16.2/33.9] + 33 TCP 192.168.1.34:50079 <-> 213.199.179.142:443 [proto: 91/TLS][cat: Web/5][13 pkts/1176 bytes <-> 3 pkts/200 bytes][Goodput ratio: 26.0/0.0][26.92 sec][bytes ratio: 0.709 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/66 2170.5/66.0 8161/66 2541.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 90.5/66.7 138/74 16.7/5.7] + 34 TCP 192.168.1.34:50097 <-> 157.55.235.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1000 bytes <-> 4 pkts/371 bytes][Goodput ratio: 14.2/26.6][17.70 sec][bytes ratio: 0.459 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1516.8/38.5 5471/77 1773.9/38.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.9/92.8 152/157 22.5/37.2] + 35 TCP 192.168.1.34:50033 <-> 157.55.56.170:40015 [proto: 125/Skype][cat: VoIP/10][13 pkts/977 bytes <-> 4 pkts/384 bytes][Goodput ratio: 12.2/29.1][20.90 sec][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1750.5/71.0 5966/142 2162.6/71.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.2/96.0 129/125 16.7/26.2] + 36 TCP 192.168.1.34:50053 <-> 157.55.56.146:40030 [proto: 125/Skype][cat: VoIP/10][12 pkts/940 bytes <-> 5 pkts/415 bytes][Goodput ratio: 15.7/18.5][28.23 sec][bytes ratio: 0.387 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 2652.3/2383.0 13157/7000 3964.6/3265.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.3/83.0 166/135 27.2/26.2] + 37 TCP 192.168.1.34:50044 <-> 157.55.130.167:40031 [proto: 125/Skype][cat: VoIP/10][13 pkts/993 bytes <-> 4 pkts/360 bytes][Goodput ratio: 13.6/24.4][24.38 sec][bytes ratio: 0.468 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2080.9/67.0 5842/128 2142.2/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.4/90.0 145/146 20.7/32.5] + 38 TCP 192.168.1.34:50051 <-> 157.55.130.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1074 bytes <-> 3 pkts/277 bytes][Goodput ratio: 26.2/25.5][19.68 sec][bytes ratio: 0.590 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/129 1406.8/129.0 6102/129 1797.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 89.5/92.3 138/137 20.7/31.8] + 39 TCP 192.168.1.34:50057 <-> 157.55.130.153:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1102 bytes <-> 3 pkts/247 bytes][Goodput ratio: 28.1/16.5][19.10 sec][bytes ratio: 0.634 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/133 1364.4/133.0 5509/133 1647.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91.8/82.3 138/107 21.5/17.7] + 40 TCP 192.168.1.34:50048 <-> 157.55.130.150:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1109 bytes <-> 3 pkts/236 bytes][Goodput ratio: 28.6/12.7][18.34 sec][bytes ratio: 0.649 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/126 1311.5/126.0 4764/126 1485.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 92.4/78.7 138/96 21.7/12.7] + 41 TCP 192.168.1.34:50077 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/334 bytes][Goodput ratio: 13.3/20.3][32.24 sec][bytes ratio: 0.501 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2789.4/64.0 14182/123 4002.0/59.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.2/83.5 136/134 17.4/29.6] + 42 TCP 192.168.1.34:50036 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/1074 bytes <-> 3 pkts/254 bytes][Goodput ratio: 32.4/18.8][18.41 sec][bytes ratio: 0.617 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/211 1607.9/211.0 4614/211 1688.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 97.6/84.7 138/114 25.5/21.0] + 43 TCP 192.168.1.34:50074 <-> 157.55.130.173:40003 [proto: 125/Skype][cat: VoIP/10][13 pkts/1010 bytes <-> 4 pkts/317 bytes][Goodput ratio: 13.8/16.0][33.05 sec][bytes ratio: 0.522 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2859.4/65.5 14565/131 4102.2/65.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.7/79.2 142/117 18.9/22.4] + 44 TCP 192.168.1.34:50078 <-> 157.55.130.173:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1088 bytes <-> 3 pkts/236 bytes][Goodput ratio: 27.2/12.7][18.51 sec][bytes ratio: 0.644 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/129 1323.9/129.0 4948/129 1521.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90.7/78.7 138/96 21.1/12.7] + 45 TCP 192.168.1.34:50070 <-> 157.55.130.170:40018 [proto: 125/Skype][cat: VoIP/10][13 pkts/989 bytes <-> 4 pkts/323 bytes][Goodput ratio: 12.0/17.6][32.74 sec][bytes ratio: 0.508 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2831.6/65.0 14348/124 4046.3/59.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 76.1/80.8 121/123 13.5/24.9] + 46 TCP 192.168.1.34:50030 <-> 65.55.223.33:443 [proto: 91/TLS][cat: Web/5][11 pkts/960 bytes <-> 4 pkts/351 bytes][Goodput ratio: 24.3/22.4][24.53 sec][bytes ratio: 0.465 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/128 2019.1/1896.0 10839/3664 3283.8/1768.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87.3/87.8 138/145 21.0/33.2] + 47 TCP 192.168.1.34:50032 <-> 157.56.52.44:40032 [proto: 125/Skype][cat: VoIP/10][12 pkts/969 bytes <-> 4 pkts/337 bytes][Goodput ratio: 17.0/21.0][30.85 sec][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2831.3/105.5 12195/206 3629.4/100.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 80.8/84.2 175/137 28.7/30.9] + 48 TCP 192.168.1.34:50094 <-> 157.55.130.155:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1039 bytes <-> 3 pkts/267 bytes][Goodput ratio: 23.7/22.8][18.56 sec][bytes ratio: 0.591 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/127 1331.9/127.0 6326/127 1843.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 86.6/89.0 138/127 19.9/27.1] + 49 TCP 192.168.1.34:50067 <-> 157.55.56.160:40027 [proto: 125/Skype][cat: VoIP/10][12 pkts/899 bytes <-> 5 pkts/406 bytes][Goodput ratio: 11.9/16.7][27.73 sec][bytes ratio: 0.378 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 2605.1/2274.3 12714/6673 3839.5/3110.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.9/81.2 125/126 16.3/22.7] + 50 TCP 192.168.1.34:50063 <-> 111.221.74.38:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1002 bytes <-> 3 pkts/285 bytes][Goodput ratio: 34.1/27.6][17.63 sec][bytes ratio: 0.557 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/299 1709.2/299.0 4196/299 1640.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 100.2/95.0 138/145 28.9/35.5] + 51 TCP 192.168.1.34:50049 <-> 157.55.130.166:40021 [proto: 125/Skype][cat: VoIP/10][11 pkts/836 bytes <-> 5 pkts/442 bytes][Goodput ratio: 13.1/23.5][21.99 sec][bytes ratio: 0.308 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 2110.9/517.3 6939/1415 2450.6/636.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.0/88.4 136/162 20.0/37.0] + 52 TCP 192.168.1.34:50086 <-> 111.221.77.142:40023 [proto: 125/Skype][cat: VoIP/10][11 pkts/841 bytes <-> 5 pkts/429 bytes][Goodput ratio: 13.7/21.2][28.10 sec][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 2769.4/2594.0 13054/7485 4056.4/3460.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.5/85.8 141/149 21.4/31.8] + 53 TCP 192.168.1.34:50056 <-> 157.55.56.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/999 bytes <-> 4 pkts/266 bytes][Goodput ratio: 26.1/0.0][20.97 sec][bytes ratio: 0.579 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/146 1648.0/146.0 7365/146 2216.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 90.8/66.5 138/74 18.2/5.0] + 54 TCP 192.168.1.34:50038 <-> 157.55.130.140:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1032 bytes <-> 3 pkts/230 bytes][Goodput ratio: 23.2/10.4][19.27 sec][bytes ratio: 0.635 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/128 1378.8/128.0 5639/128 1681.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 86.0/76.7 138/90 19.8/10.0] + 55 TCP 192.168.1.34:50055 <-> 111.221.74.47:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/866 bytes <-> 5 pkts/396 bytes][Goodput ratio: 16.1/14.6][28.08 sec][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2765.0/2512.0 13013/7241 4050.9/3346.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.7/79.2 166/116 28.3/18.7] + 56 TCP 192.168.1.34:50059 <-> 111.221.74.38:40015 [proto: 125/Skype][cat: VoIP/10][11 pkts/820 bytes <-> 5 pkts/416 bytes][Goodput ratio: 11.4/18.7][28.35 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2800.3/2554.7 13330/7366 4127.6/3404.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.5/83.2 120/136 15.7/26.6] + 57 TCP 192.168.1.34:50046 <-> 157.55.130.150:40011 [proto: 125/Skype][cat: VoIP/10][11 pkts/843 bytes <-> 4 pkts/386 bytes][Goodput ratio: 13.9/29.5][20.24 sec][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 1952.1/64.5 5189/127 2093.3/62.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.6/96.5 143/172 21.9/43.7] + 58 TCP 192.168.1.34:50096 <-> 111.221.74.46:40027 [proto: 125/Skype][cat: VoIP/10][11 pkts/822 bytes <-> 4 pkts/390 bytes][Goodput ratio: 11.7/30.2][13.57 sec][bytes ratio: 0.356 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1158.2/147.5 4662/295 1409.0/147.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.7/97.5 122/128 16.3/27.7] + 59 TCP 192.168.1.34:50058 <-> 111.221.74.47:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/857 bytes <-> 4 pkts/351 bytes][Goodput ratio: 23.0/22.4][27.82 sec][bytes ratio: 0.419 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/314 3464.1/3681.5 14258/7049 4499.3/3367.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 85.7/87.8 138/145 21.7/33.2] + 60 TCP 192.168.1.34:50103 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][9 pkts/862 bytes <-> 3 pkts/285 bytes][Goodput ratio: 31.1/27.6][10.17 sec][bytes ratio: 0.503 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/263 850.3/263.0 2602/263 907.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 95.8/95.0 138/145 28.1/35.5] + 61 TCP 192.168.1.34:50100 <-> 111.221.74.46:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/237 bytes][Goodput ratio: 24.3/13.0][13.66 sec][bytes ratio: 0.573 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/295 926.0/295.0 3053/295 1023.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87.2/79.0 138/97 22.1/13.1] + 62 TCP 192.168.1.34:50087 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][9 pkts/822 bytes <-> 3 pkts/285 bytes][Goodput ratio: 27.7/27.6][17.82 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/295 1918.4/295.0 4327/295 1631.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91.3/95.0 138/145 25.3/35.5] + 63 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/908 bytes -> 0 pkts/0 bytes][Goodput ratio: 72.6/0.0][13.03 sec][PLAIN TEXT (afpovertc)] + 64 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes][Goodput ratio: 79.6/0.0][13.03 sec][PLAIN TEXT (afpovertc)] + 65 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes][Goodput ratio: 16.5/31.7][5.54 sec][bytes ratio: 0.085 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/63 1107.2/1825.3 3027/3063 1309.1/1279.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 69.5/88.0 123/166 25.5/45.1] + 66 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.7/0.0][34.64 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 253/0 4948.1/0.0 31039/0 10655.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82.0/0.0 82/0 0.0/0.0] + 67 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.8/0.0][26.45 sec][Host: a.config.skype.trafficmanager.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4408.7/0.0 9094/0 3390.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 93/0 93.0/0.0 93/0 0.0/0.0][PLAIN TEXT (config)] + 68 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.8/0.0][26.45 sec][Host: a.config.skype.trafficmanager.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4408.8/0.0 9094/0 3390.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 93/0 93.0/0.0 93/0 0.0/0.0][PLAIN TEXT (config)] + 69 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.6/0.0][80.52 sec][Host: ui.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1001/0 10064.6/0.0 27100/0 10268.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 72/0 72.0/0.0 72/0 0.0/0.0] + 70 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.1/0.0][53.50 sec][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1098/0 7643.0/0.0 27099/0 8538.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] + 71 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.1/0.0][53.50 sec][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1098/0 7643.0/0.0 27099/0 8538.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] + 72 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.39 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1051/0 4397.5/0.0 9075/0 3396.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 73 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.33 sec][Host: 335.0.7.7.3.rst13.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1040/0 4388.0/0.0 9099/0 3402.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] + 74 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.44 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1083/0 4405.8/0.0 9093/0 3395.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 75 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.33 sec][Host: 335.0.7.7.3.rst13.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1040/0 4388.0/0.0 9099/0 3402.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] + 76 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.39 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1051/0 4397.5/0.0 9075/0 3396.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 77 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.44 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1083/0 4405.8/0.0 9093/0 3395.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 78 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.34 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1055/0 4389.0/0.0 9029/0 3377.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 79 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.34 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1055/0 4389.0/0.0 9029/0 3377.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 80 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.2/0.0][26.40 sec][Host: 335.0.7.7.3.rst6.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4399.0/0.0 9084/0 3382.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] + 81 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.2/0.0][26.25 sec][Host: 335.0.7.7.3.rst5.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1007/0 4374.0/0.0 9080/0 3405.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] + 82 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.2/0.0][26.25 sec][Host: 335.0.7.7.3.rst5.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1007/0 4373.8/0.0 9080/0 3405.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] + 83 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.2/0.0][26.40 sec][Host: 335.0.7.7.3.rst6.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4399.0/0.0 9084/0 3382.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] + 84 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/TLS][cat: Web/5][8 pkts/608 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][11.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1001/0 1573.6/0.0 4002/0 1049.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 76.0/0.0 78/0 5.3/0.0] + 85 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes][Goodput ratio: 1.4/2.0][8.32 sec][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/64 1662.8/2751.3 6736/6736 2591.0/2874.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.8/61.5 78/66 8.8/2.6] + 86 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.42 sec][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4403.0/0.0 9097/0 3414.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 87 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.31 sec][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1060/0 4384.5/0.0 9098/0 3397.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 88 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.31 sec][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1060/0 4384.3/0.0 9098/0 3396.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 89 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.42 sec][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4403.0/0.0 9097/0 3414.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 90 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.7/0.0][26.46 sec][Host: dsn4.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1006/0 4409.0/0.0 9093/0 3412.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 76/0 76.0/0.0 76/0 0.0/0.0] + 91 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.7/0.0][26.46 sec][Host: dsn4.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1006/0 4409.2/0.0 9093/0 3412.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 76/0 76.0/0.0 76/0 0.0/0.0] + 92 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.4/0.0][26.55 sec][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4424.5/0.0 9093/0 3397.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] + 93 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.4/0.0][26.55 sec][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1087/0 4424.0/0.0 9094/0 3398.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] + 94 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/297 bytes <-> 3 pkts/186 bytes][Goodput ratio: 37.2/0.0][0.81 sec][bytes ratio: 0.230 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/43 24.5/43.0 49/43 24.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 99.0/62.0 165/66 47.7/2.8] + 95 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.0/0.0][120.02 sec][PLAIN TEXT (SpotUdp)] + 96 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][Goodput ratio: 2.6/0.0][0.43 sec][bytes ratio: 0.013 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/43 21.0/43.0 42/43 21.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63.7/62.0 78/66 10.3/2.8] + 97 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.6/0.0][8.15 sec][Host: ui.skype.com] + 98 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.7/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 99 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.7/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 100 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.7/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 101 UDP 192.168.1.34:64560 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.7/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 102 UDP 192.168.1.34:13021 -> 76.185.207.12:45493 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.9/0.0][20.13 sec] + 103 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.9/0.0][20.13 sec] + 104 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Goodput ratio: 57.8/74.3][0.07 sec][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)] + 105 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Goodput ratio: 57.8/67.9][0.05 sec][Host: p05-keyvalueservice.icloud.com.akadns.net][PLAIN TEXT (valueservice)] + 106 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][Goodput ratio: 52.7/52.7][0.05 sec] + 107 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48.2/56.6][0.05 sec][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] + 108 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48.2/56.6][0.05 sec][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] + 109 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48.2/56.6][0.06 sec][Host: e7768.b.akamaiedge.net][PLAIN TEXT (akamaiedge)] + 110 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0.0/0.0][0.15 sec] + 111 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][125.00 sec] + 112 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 113 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 114 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 115 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 116 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 117 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 118 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 119 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 120 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 122 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 123 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 124 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 125 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 126 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 127 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 128 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 129 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 130 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 131 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 132 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 133 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 134 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 135 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 136 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 137 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 138 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 139 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 140 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 141 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 142 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 143 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 144 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 145 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 146 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 147 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 148 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 149 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 150 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 151 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 152 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 153 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 154 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 155 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 156 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 157 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 158 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 159 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 160 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 161 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 162 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 163 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 164 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 165 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 166 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 167 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 168 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 169 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 170 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 171 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 172 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 173 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 174 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 175 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 176 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 177 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 178 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 179 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 180 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 181 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 182 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 183 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 184 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 185 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 186 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 187 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 188 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 189 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 190 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 191 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 192 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 193 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 194 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 195 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 196 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 197 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 198 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 199 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 200 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 201 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 202 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 203 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 204 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 205 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 206 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 207 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 208 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 209 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 210 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 211 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 212 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 213 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 214 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 215 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 216 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 217 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 218 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 219 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 220 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 221 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 222 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 223 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 224 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 225 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 226 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 227 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 228 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 229 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 230 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 231 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 232 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 233 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 234 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 235 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 236 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 237 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 238 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 239 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 240 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 241 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 242 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 243 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 244 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 245 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 246 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 247 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 248 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 249 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 250 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 251 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 252 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 253 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 254 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 255 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 256 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] Undetected flows: - 1 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 0/Unknown][62 pkts/6941 bytes <-> 38 pkts/5325 bytes][bytes ratio: 0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1593.8/2643.5 30032/29763 5976.5/7489.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.0/140.1 820/1249 115.1/200.8] - 2 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 0/Unknown][24 pkts/3136 bytes <-> 19 pkts/2618 bytes][bytes ratio: 0.090 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 721.4/974.0 9065/8704 2021.7/2285.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 130.7/137.8 843/1090 185.2/225.7] - 3 TCP 192.168.1.34:50121 <-> 81.83.77.141:17639 [proto: 0/Unknown][24 pkts/3101 bytes <-> 16 pkts/2508 bytes][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/60 1721.2/2872.8 24826/24826 5468.0/6804.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 129.2/156.8 819/1190 181.2/267.4] - 4 TCP 192.168.1.34:50131 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/4406 bytes <-> 8 pkts/705 bytes][bytes ratio: 0.724 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 57.3/28.7 343/72 105.1/31.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 400.5/88.1 1506/237 547.2/56.5] - 5 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 0/Unknown][19 pkts/2797 bytes <-> 13 pkts/2175 bytes][bytes ratio: 0.125 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/74 378.5/470.1 2988/3022 731.0/852.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 147.2/167.3 842/1090 204.7/267.5] - 6 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 0/Unknown][18 pkts/2588 bytes <-> 13 pkts/2100 bytes][bytes ratio: 0.104 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/110 1005.1/4378.2 9427/25654 2420.4/8143.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143.8/161.5 843/1090 211.7/269.5] - 7 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 0/Unknown][15 pkts/2395 bytes <-> 8 pkts/1724 bytes][bytes ratio: 0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/109 511.9/722.8 3406/3423 926.9/1214.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 159.7/215.5 842/1090 228.3/331.7] - 8 TCP 192.168.1.34:50133 <-> 149.13.32.15:13392 [proto: 0/Unknown][9 pkts/1968 bytes <-> 7 pkts/632 bytes][bytes ratio: 0.514 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 24.4/39.2 52/53 24.4/22.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 218.7/90.3 1418/199 424.0/44.8] - 9 TCP 192.168.1.34:50127 <-> 80.14.46.121:4415 [proto: 0/Unknown][16 pkts/1169 bytes <-> 11 pkts/929 bytes][bytes ratio: 0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/96 2547.0/4791.6 28628/28628 7558.5/9764.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 73.1/84.5 108/133 13.0/20.4] - 10 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 0/Unknown][11 pkts/1578 bytes <-> 4 pkts/342 bytes][bytes ratio: 0.644 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4146.1/115.5 16349/231 5603.7/115.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 143.5/85.5 190/142 55.8/33.0] - 11 TCP 192.168.1.34:50124 <-> 81.133.19.185:44431 [proto: 0/Unknown][11 pkts/854 bytes <-> 11 pkts/782 bytes][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8918.1/9682.6 67479/67479 22166.8/23595.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.6/71.1 105/92 17.4/8.8] - 12 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 0/Unknown][14 pkts/1090 bytes <-> 6 pkts/534 bytes][bytes ratio: 0.342 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 987.2/29.3 4811/82 1530.6/37.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.9/89.0 176/154 27.9/32.0] - 13 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 0/Unknown][15 pkts/1138 bytes <-> 4 pkts/372 bytes][bytes ratio: 0.507 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1233.1/31.5 7022/63 2004.4/31.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.9/93.0 162/133 24.1/26.1] - 14 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 0/Unknown][14 pkts/1075 bytes <-> 4 pkts/431 bytes][bytes ratio: 0.428 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/90 1021.2/90.0 5153/90 1645.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.8/107.8 161/155 24.1/36.9] - 15 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 0/Unknown][14 pkts/1100 bytes <-> 5 pkts/395 bytes][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2191.7/28.5 12005/57 3483.1/28.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 78.6/79.0 158/129 22.3/25.4] - 16 TCP 192.168.1.34:50142 <-> 80.14.46.121:4415 [proto: 0/Unknown][12 pkts/985 bytes <-> 6 pkts/489 bytes][bytes ratio: 0.336 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/87 2049.7/1326.8 17165/3721 5060.4/1483.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.1/81.5 134/129 20.9/22.3] - 17 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1062 bytes <-> 4 pkts/383 bytes][bytes ratio: 0.470 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/117 1360.1/117.0 7001/117 2230.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.9/95.8 148/121 20.9/24.1] - 18 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 0/Unknown][13 pkts/1010 bytes <-> 5 pkts/402 bytes][bytes ratio: 0.431 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1395.8/1326.7 7806/3928 2258.8/1839.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.7/80.4 162/122 25.1/21.1] - 19 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1040 bytes <-> 4 pkts/362 bytes][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/115 1345.8/115.0 6890/115 2199.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.3/90.5 126/115 15.5/19.4] - 20 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 0/Unknown][13 pkts/1004 bytes <-> 4 pkts/397 bytes][bytes ratio: 0.433 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 1594.5/68.0 5410/131 1867.9/63.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.2/99.2 156/154 23.5/34.5] - 21 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 0/Unknown][13 pkts/995 bytes <-> 4 pkts/391 bytes][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 911.5/77.0 5501/77 1656.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.5/97.8 155/145 23.5/31.1] - 22 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 0/Unknown][13 pkts/995 bytes <-> 4 pkts/386 bytes][bytes ratio: 0.441 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 1598.8/69.0 7561/130 2191.1/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.5/96.5 147/153 21.2/34.1] - 23 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 0/Unknown][13 pkts/1000 bytes <-> 4 pkts/380 bytes][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1523.8/37.0 6318/74 2039.5/37.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.9/95.0 152/166 22.5/41.1] - 24 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 0/Unknown][13 pkts/971 bytes <-> 4 pkts/399 bytes][bytes ratio: 0.418 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 1599.5/69.0 5423/130 1880.5/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.7/99.8 123/164 15.2/38.6] - 25 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 0/Unknown][12 pkts/948 bytes <-> 4 pkts/407 bytes][bytes ratio: 0.399 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 1582.8/103.0 8469/204 2434.4/101.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 79.0/101.8 174/137 29.3/32.0] - 26 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 0/Unknown][13 pkts/982 bytes <-> 4 pkts/322 bytes][bytes ratio: 0.506 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2268.5/35.0 10048/65 3061.2/30.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 75.5/80.5 114/122 11.7/24.5] - 27 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 0/Unknown][11 pkts/843 bytes <-> 4 pkts/411 bytes][bytes ratio: 0.344 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1451.4/144.0 5909/288 1841.3/144.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.6/102.8 143/167 21.9/39.7] - 28 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 0/Unknown][13 pkts/994 bytes <-> 2 pkts/243 bytes][bytes ratio: 0.607 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/97 2172.2/97.0 10901/97 3289.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/78 76.5/121.5 126/165 14.8/43.5] - 29 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 0/Unknown][11 pkts/827 bytes <-> 3 pkts/325 bytes][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/218 1824.0/218.0 8820/218 2818.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 75.2/108.3 127/173 17.6/45.8] - 30 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes][bytes ratio: 0.399 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/89 168.9/96.5 647/104 222.6/7.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79.7/85.5 139/118 22.9/19.8] - 31 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 0/Unknown][12 pkts/935 bytes <-> 2 pkts/197 bytes][bytes ratio: 0.652 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/78 1328.9/78.0 5770/78 1936.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 77.9/98.5 141/123 19.4/24.5] - 32 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 0/Unknown][11 pkts/838 bytes <-> 3 pkts/270 bytes][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2560.3/141.0 11516/282 3601.7/141.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76.2/90.0 118/130 13.8/28.5] - 33 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 0/Unknown][11 pkts/814 bytes <-> 3 pkts/287 bytes][bytes ratio: 0.479 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/225 1818.4/225.0 8691/225 2791.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 74.0/95.7 114/135 14.2/27.9] - 34 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1001/0 1573.3/0.0 4002/0 1050.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 76.0/0.0 78/0 5.3/0.0] - 35 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 36 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 37 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] + 1 TCP 192.168.1.34:50119 <-> 86.31.35.30:59621 [proto: 0/Unknown][62 pkts/6941 bytes <-> 38 pkts/5325 bytes][Goodput ratio: 40.9/52.7][93.11 sec][bytes ratio: 0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1593.8/2643.5 30032/29763 5976.5/7489.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112.0/140.1 820/1249 115.1/200.8] + 2 TCP 192.168.1.34:50117 <-> 71.238.7.203:18767 [proto: 0/Unknown][24 pkts/3136 bytes <-> 19 pkts/2618 bytes][Goodput ratio: 49.1/51.9][40.10 sec][bytes ratio: 0.090 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 721.4/974.0 9065/8704 2021.7/2285.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 130.7/137.8 843/1090 185.2/225.7] + 3 TCP 192.168.1.34:50121 <-> 81.83.77.141:17639 [proto: 0/Unknown][24 pkts/3101 bytes <-> 16 pkts/2508 bytes][Goodput ratio: 48.9/57.6][36.07 sec][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/60 1721.2/2872.8 24826/24826 5468.0/6804.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 129.2/156.8 819/1190 181.2/267.4] + 4 TCP 192.168.1.34:50131 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/4406 bytes <-> 8 pkts/705 bytes][Goodput ratio: 83.2/25.6][0.60 sec][bytes ratio: 0.724 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 57.3/28.7 343/72 105.1/31.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 400.5/88.1 1506/237 547.2/56.5] + 5 TCP 192.168.1.34:50138 <-> 71.238.7.203:18767 [proto: 0/Unknown][19 pkts/2797 bytes <-> 13 pkts/2175 bytes][Goodput ratio: 54.7/60.0][36.29 sec][bytes ratio: 0.125 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/74 378.5/470.1 2988/3022 731.0/852.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 147.2/167.3 842/1090 204.7/267.5] + 6 TCP 192.168.1.34:50118 <-> 5.248.186.221:31010 [proto: 0/Unknown][18 pkts/2588 bytes <-> 13 pkts/2100 bytes][Goodput ratio: 53.6/58.5][39.97 sec][bytes ratio: 0.104 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/110 1005.1/4378.2 9427/25654 2420.4/8143.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143.8/161.5 843/1090 211.7/269.5] + 7 TCP 192.168.1.34:50139 <-> 5.248.186.221:31010 [proto: 0/Unknown][15 pkts/2395 bytes <-> 8 pkts/1724 bytes][Goodput ratio: 58.1/68.6][37.03 sec][bytes ratio: 0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/109 511.9/722.8 3406/3423 926.9/1214.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 159.7/215.5 842/1090 228.3/331.7] + 8 TCP 192.168.1.34:50133 <-> 149.13.32.15:13392 [proto: 0/Unknown][9 pkts/1968 bytes <-> 7 pkts/632 bytes][Goodput ratio: 69.2/25.6][0.29 sec][bytes ratio: 0.514 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 24.4/39.2 52/53 24.4/22.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 218.7/90.3 1418/199 424.0/44.8] + 9 TCP 192.168.1.34:50127 <-> 80.14.46.121:4415 [proto: 0/Unknown][16 pkts/1169 bytes <-> 11 pkts/929 bytes][Goodput ratio: 8.6/20.5][34.08 sec][bytes ratio: 0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/96 2547.0/4791.6 28628/28628 7558.5/9764.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 73.1/84.5 108/133 13.0/20.4] + 10 TCP 192.168.1.34:50134 <-> 157.56.53.47:12350 [proto: 0/Unknown][11 pkts/1578 bytes <-> 4 pkts/342 bytes][Goodput ratio: 53.2/22.2][40.57 sec][bytes ratio: 0.644 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4146.1/115.5 16349/231 5603.7/115.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 143.5/85.5 190/142 55.8/33.0] + 11 TCP 192.168.1.34:50124 <-> 81.133.19.185:44431 [proto: 0/Unknown][11 pkts/854 bytes <-> 11 pkts/782 bytes][Goodput ratio: 15.0/5.6][71.50 sec][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8918.1/9682.6 67479/67479 22166.8/23595.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.6/71.1 105/92 17.4/8.8] + 12 TCP 192.168.1.34:50122 <-> 81.133.19.185:44431 [proto: 0/Unknown][14 pkts/1090 bytes <-> 6 pkts/534 bytes][Goodput ratio: 15.2/23.6][12.48 sec][bytes ratio: 0.342 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 987.2/29.3 4811/82 1530.6/37.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.9/89.0 176/154 27.9/32.0] + 13 TCP 192.168.1.34:50116 <-> 81.83.77.141:17639 [proto: 0/Unknown][15 pkts/1138 bytes <-> 4 pkts/372 bytes][Goodput ratio: 14.0/26.8][16.65 sec][bytes ratio: 0.507 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1233.1/31.5 7022/63 2004.4/31.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.9/93.0 162/133 24.1/26.1] + 14 TCP 192.168.1.34:50123 <-> 80.14.46.121:4415 [proto: 0/Unknown][14 pkts/1075 bytes <-> 4 pkts/431 bytes][Goodput ratio: 14.0/35.9][13.31 sec][bytes ratio: 0.428 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/90 1021.2/90.0 5153/90 1645.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.8/107.8 161/155 24.1/36.9] + 15 TCP 192.168.1.34:50075 <-> 213.199.179.142:40003 [proto: 0/Unknown][14 pkts/1100 bytes <-> 5 pkts/395 bytes][Goodput ratio: 14.9/15.9][27.12 sec][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2191.7/28.5 12005/57 3483.1/28.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 78.6/79.0 158/129 22.3/25.4] + 16 TCP 192.168.1.34:50142 <-> 80.14.46.121:4415 [proto: 0/Unknown][12 pkts/985 bytes <-> 6 pkts/489 bytes][Goodput ratio: 18.4/16.5][24.21 sec][bytes ratio: 0.336 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/87 2049.7/1326.8 17165/3721 5060.4/1483.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 82.1/81.5 134/129 20.9/22.3] + 17 TCP 192.168.1.34:50137 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1062 bytes <-> 4 pkts/383 bytes][Goodput ratio: 13.0/27.9][17.74 sec][bytes ratio: 0.470 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/117 1360.1/117.0 7001/117 2230.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.9/95.8 148/121 20.9/24.1] + 18 TCP 192.168.1.34:50132 <-> 149.13.32.15:13392 [proto: 0/Unknown][13 pkts/1010 bytes <-> 5 pkts/402 bytes][Goodput ratio: 15.0/15.9][16.09 sec][bytes ratio: 0.431 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1395.8/1326.7 7806/3928 2258.8/1839.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.7/80.4 162/122 25.1/21.1] + 19 TCP 192.168.1.34:50114 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1040 bytes <-> 4 pkts/362 bytes][Goodput ratio: 11.1/23.7][17.59 sec][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/115 1345.8/115.0 6890/115 2199.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.3/90.5 126/115 15.5/19.4] + 20 TCP 192.168.1.34:50065 <-> 65.55.223.12:40031 [proto: 0/Unknown][13 pkts/1004 bytes <-> 4 pkts/397 bytes][Goodput ratio: 14.5/31.4][19.05 sec][bytes ratio: 0.433 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 1594.5/68.0 5410/131 1867.9/63.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.2/99.2 156/154 23.5/34.5] + 21 TCP 192.168.1.34:50115 <-> 86.31.35.30:59621 [proto: 0/Unknown][13 pkts/995 bytes <-> 4 pkts/391 bytes][Goodput ratio: 13.8/30.4][11.60 sec][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 911.5/77.0 5501/77 1656.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.5/97.8 155/145 23.5/31.1] + 22 TCP 192.168.1.34:50098 <-> 65.55.223.15:40026 [proto: 0/Unknown][13 pkts/995 bytes <-> 4 pkts/386 bytes][Goodput ratio: 13.8/29.5][19.09 sec][bytes ratio: 0.441 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 1598.8/69.0 7561/130 2191.1/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.5/96.5 147/153 21.2/34.1] + 23 TCP 192.168.1.34:50130 <-> 212.161.8.36:13392 [proto: 0/Unknown][13 pkts/1000 bytes <-> 4 pkts/380 bytes][Goodput ratio: 14.2/28.3][17.43 sec][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1523.8/37.0 6318/74 2039.5/37.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.9/95.0 152/166 22.5/41.1] + 24 TCP 192.168.1.34:50026 <-> 65.55.223.33:40002 [proto: 0/Unknown][13 pkts/971 bytes <-> 4 pkts/399 bytes][Goodput ratio: 11.6/31.7][19.14 sec][bytes ratio: 0.418 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 1599.5/69.0 5423/130 1880.5/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.7/99.8 123/164 15.2/38.6] + 25 TCP 192.168.1.34:50099 <-> 64.4.23.166:40022 [proto: 0/Unknown][12 pkts/948 bytes <-> 4 pkts/407 bytes][Goodput ratio: 16.4/33.1][18.08 sec][bytes ratio: 0.399 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 1582.8/103.0 8469/204 2434.4/101.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 79.0/101.8 174/137 29.3/32.0] + 26 TCP 192.168.1.34:50035 <-> 213.199.179.175:40021 [proto: 0/Unknown][13 pkts/982 bytes <-> 4 pkts/322 bytes][Goodput ratio: 11.4/17.3][26.19 sec][bytes ratio: 0.506 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2268.5/35.0 10048/65 3061.2/30.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 75.5/80.5 114/122 11.7/24.5] + 27 TCP 192.168.1.34:50112 <-> 76.167.161.6:20274 [proto: 0/Unknown][11 pkts/843 bytes <-> 4 pkts/411 bytes][Goodput ratio: 13.9/33.7][13.19 sec][bytes ratio: 0.344 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1451.4/144.0 5909/288 1841.3/144.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.6/102.8 143/167 21.9/39.7] + 28 TCP 192.168.1.34:50141 <-> 80.14.46.121:4415 [proto: 0/Unknown][13 pkts/994 bytes <-> 2 pkts/243 bytes][Goodput ratio: 12.5/40.6][25.06 sec][bytes ratio: 0.607 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/97 2172.2/97.0 10901/97 3289.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/78 76.5/121.5 126/165 14.8/43.5] + 29 TCP 192.168.1.34:50113 <-> 71.238.7.203:18767 [proto: 0/Unknown][11 pkts/827 bytes <-> 3 pkts/325 bytes][Goodput ratio: 12.2/35.3][18.82 sec][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/218 1824.0/218.0 8820/218 2818.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 75.2/108.3 127/173 17.6/45.8] + 30 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes][Goodput ratio: 15.7/20.4][18.52 sec][bytes ratio: 0.399 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/89 168.9/96.5 647/104 222.6/7.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79.7/85.5 139/118 22.9/19.8] + 31 TCP 192.168.1.34:50143 <-> 78.202.226.115:29059 [proto: 0/Unknown][12 pkts/935 bytes <-> 2 pkts/197 bytes][Goodput ratio: 14.0/28.8][14.47 sec][bytes ratio: 0.652 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/78 1328.9/78.0 5770/78 1936.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 77.9/98.5 141/123 19.4/24.5] + 32 TCP 192.168.1.34:50135 <-> 76.167.161.6:20274 [proto: 0/Unknown][11 pkts/838 bytes <-> 3 pkts/270 bytes][Goodput ratio: 11.9/23.6][24.21 sec][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2560.3/141.0 11516/282 3601.7/141.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76.2/90.0 118/130 13.8/28.5] + 33 TCP 192.168.1.34:50136 <-> 71.238.7.203:18767 [proto: 0/Unknown][11 pkts/814 bytes <-> 3 pkts/287 bytes][Goodput ratio: 10.8/26.7][18.80 sec][bytes ratio: 0.479 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/225 1818.4/225.0 8691/225 2791.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 74.0/95.7 114/135 14.2/27.9] + 34 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][11.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1001/0 1573.3/0.0 4002/0 1050.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 76.0/0.0 78/0 5.3/0.0] + 35 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22.1/0.0][1.78 sec] + 36 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22.1/0.0][1.83 sec] + 37 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0.0/0.0][1.67 sec] diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out index 9292b8a56..962935d87 100644 --- a/tests/result/skype_no_unknown.pcap.out +++ b/tests/result/skype_no_unknown.pcap.out @@ -17,273 +17,273 @@ JA3 Host Stats: 1 192.168.1.34 2 - 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.125/TLS.Skype][cat: Web/5][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 369.6/331.3 45360/45460 3946.4/3735.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235.2/783.8 1506/1506 432.7/564.7][TLSv1][JA3C: 06207a1730b5deeb207b0556e102ded2][Server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Certificate SHA-1: 95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51][Validity: 2014-10-27 22:51:07 - 2016-10-26 22:51:07][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes][bytes ratio: -0.323 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238.2/214.7 3095/3095 411.2/400.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 303.8/611.6 1506/1506 405.8/625.9][PLAIN TEXT (nZREBS)] - 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2272.9/322.9 55625/8255 10013.7/1510.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 239.0/276.3 680/1494 273.4/358.4] - 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1254.2/0.0 19850/0 4801.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 327/0 372.3/0.0 405/0 28.7/0.0][PLAIN TEXT (NOTIFY )] - 5 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][bytes ratio: 0.958 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3429.1/0.0 6616/0 2850.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 216.3/74.0 251/74 72.3/0.0][TLSv1][Client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] - 6 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes][bytes ratio: 0.836 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1411.2/27.5 6276/55 1938.6/27.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 270.2/96.7 401/150 156.2/37.9] - 7 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/TLS.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 222/2 10212.3/10139.0 30193/30413 14128.5/14335.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 204.5/543.0 343/1020 138.5/477.0] - 8 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][bytes ratio: 0.931 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1393.0/0.0 6406/0 1894.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 188.5/74.0 233/74 72.7/0.0][TLSv1][Client: apps.skype.com] - 9 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes][bytes ratio: 0.689 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/63 2320.6/63.0 11234/63 3205.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 111.2/66.5 138/74 23.1/5.0] - 10 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/TLS][cat: Web/5][13 pkts/1437 bytes <-> 3 pkts/200 bytes][bytes ratio: 0.756 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/59 2001.1/59.0 7498/59 2282.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 110.5/66.7 138/74 22.8/5.7] - 11 TCP 192.168.1.34:51241 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1333 bytes <-> 3 pkts/251 bytes][bytes ratio: 0.683 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/123 1300.8/123.0 4567/123 1449.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 111.1/83.7 138/111 32.3/19.6] - 12 TCP 192.168.1.34:51261 <-> 157.55.235.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1284 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.637 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/81 1425.4/81.0 4989/81 1713.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 107.0/95.0 138/145 29.6/35.5] - 13 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/TLS][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes][bytes ratio: 0.684 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/129 1344.9/129.0 4168/129 1444.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 107.6/80.7 138/102 30.0/15.4] - 14 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.625 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/66 1402.0/66.0 6762/66 1929.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 102.9/95.0 138/145 27.1/35.5] - 15 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes][bytes ratio: 0.650 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/127 1319.8/127.0 4821/127 1497.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 104.1/88.3 138/125 27.8/26.1] - 16 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes][bytes ratio: 0.536 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2454.6/42.0 9200/81 2778.0/39.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.8/84.2 175/137 26.6/30.9] - 17 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes][bytes ratio: 0.626 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/199 1474.6/199.0 4207/199 1525.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/89.3 138/128 30.7/27.5] - 18 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.508 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/225 3631.1/5557.0 15560/10889 4792.1/5332.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 107.7/87.8 138/145 34.5/33.2] - 19 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 2212.9/38.5 8343/69 2500.0/30.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 75.6/91.8 117/167 12.0/43.7] - 20 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes][bytes ratio: 0.418 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1044.5/40.5 4851/80 1545.7/39.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.8/103.8 163/171 25.3/41.3] - 21 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/62 1385.6/62.0 6081/62 1874.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 94.2/95.0 138/145 22.5/35.5] - 22 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 1583.2/77.0 5936/77 2058.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 94.2/95.0 138/145 22.5/35.5] - 23 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.587 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/78 1583.7/78.0 5941/78 2059.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91.2/95.0 138/145 21.3/35.5] - 24 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.489 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3358.6/3765.0 13674/7236 4325.8/3471.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 102.2/87.8 138/145 30.3/33.2] - 25 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 1477.4/38.5 6479/71 1968.0/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.4/90.2 158/147 24.0/32.9] - 26 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/291 3829.8/6655.5 17161/13020 5285.9/6364.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 101.2/87.8 138/145 29.6/33.2] - 27 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes][bytes ratio: 0.483 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2797.1/63.0 14147/123 3995.0/60.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 75.8/86.0 118/144 12.7/33.9] - 28 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/7 1497.1/39.5 6272/72 2024.2/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.5/87.0 133/134 17.7/27.3] - 29 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes][bytes ratio: 0.519 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2832.9/65.0 14399/127 4059.8/62.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.2/79.5 136/118 17.4/22.8] - 30 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2714.5/103.0 11633/206 3499.6/103.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.2/85.2 157/141 23.7/32.6] - 31 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes][bytes ratio: 0.336 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2724.7/2317.3 12657/6632 3959.4/3053.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.0/85.2 158/146 26.1/30.6] - 32 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2935.2/2960.0 14701/8573 4584.0/3971.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.8/81.8 156/129 25.5/23.9] - 33 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes][bytes ratio: 0.343 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/16 2814.8/2537.7 12362/7300 3843.3/3369.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.7/82.6 144/133 22.2/25.5] - 34 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/TLS][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.547 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/195 632.6/195.0 2177/195 724.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 97.2/95.0 138/145 26.9/35.5] - 35 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.440 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/292 3405.5/3304.0 14303/6316 4509.7/3012.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90.2/87.8 138/145 23.2/33.2] - 36 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes][bytes ratio: 0.317 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 2764.7/2391.7 12863/6880 3982.9/3175.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.1/84.6 115/143 14.4/29.4] - 37 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes][bytes ratio: 0.416 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3510.6/4388.5 15598/8483 4823.8/4094.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 85.2/87.8 138/145 21.6/33.2] - 38 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes][bytes ratio: 0.350 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1703.2/147.5 4607/294 1700.3/146.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.5/94.5 159/164 27.6/40.3] - 39 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes][bytes ratio: 0.507 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/199 2007.5/199.0 5293/199 1964.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87.2/95.0 138/145 22.1/35.5] - 40 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes][Host: __msbrowse__][bytes ratio: 0.678 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1258 253.0/1258.0 1243/1258 495.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 104/92 159.7/92.0 271/92 78.7/0.0][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] - 41 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes][bytes ratio: 0.206 (Upload)][IAT c2s/s2c min/avg/max/stddev: 215/1 3565.3/3493.7 10265/10480 4737.4/4940.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 168.5/111.0 279/156 102.7/45.0] - 42 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 1573195445)] - 43 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 1573195445)] - 44 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 45 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 46 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes][Host: __msbrowse__][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210.2/0.0 1261/0 469.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 97.1/0.0 110/0 8.1/0.0][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] - 47 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes][bytes ratio: 0.071 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2640.0/2885.0 10417/10457 4490.2/4391.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.8/61.2 78/66 8.8/2.4] - 48 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1093/0 7642.3/0.0 27046/0 8520.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] - 49 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1093/0 7642.0/0.0 27046/0 8520.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] - 50 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1071/0 4400.3/0.0 9094/0 3402.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 51 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1071/0 4400.3/0.0 9094/0 3402.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 52 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4425.8/0.0 9099/0 3400.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] - 53 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1049/0 4416.0/0.0 9099/0 3405.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 54 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4425.8/0.0 9099/0 3400.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] - 55 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1049/0 4416.0/0.0 9099/0 3405.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] - 56 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4387.8/0.0 9077/0 3404.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] - 57 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4387.7/0.0 9077/0 3404.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] - 58 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/42 2605.0/4327.7 8814/8854 3477.6/3601.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.8/61.5 78/66 8.8/2.6] - 59 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1023/0 7644.0/0.0 27037/0 8524.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 72/0 72.0/0.0 72/0 0.0/0.0] - 60 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1045/0 4417.2/0.0 9098/0 3408.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 61 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4409.2/0.0 9088/0 3399.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 62 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4409.2/0.0 9088/0 3399.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 63 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1044/0 4417.0/0.0 9098/0 3408.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] - 64 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4426.0/0.0 9099/0 3400.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/0 77.0/0.0 77/0 0.0/0.0] - 65 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4426.0/0.0 9099/0 3400.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/0 77.0/0.0 77/0 0.0/0.0] - 66 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1089/0 4415.7/0.0 9098/0 3405.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] - 67 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4416.0/0.0 9098/0 3405.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] - 68 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes][bytes ratio: 0.223 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/54 26.5/54.0 53/54 26.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97.7/62.0 161/66 45.8/2.8] - 69 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/TLS][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1005/0 1009.8/0.0 1015/0 4.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0] - 70 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes][Host: alicegate][PLAIN TEXT ( EBEMEJEDEFEHEBFEEFCACACACACACA)] - 71 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes][Host: lucasmacbookpro][PLAIN TEXT ( EMFFEDEBFDENEBEDECEPEPELFAFCEP)] - 72 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/237 bytes <-> 3 pkts/186 bytes][bytes ratio: 0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/62 34.0/62.0 68/62 34.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79.0/62.0 105/66 20.8/2.8] - 73 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][bytes ratio: 0.013 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/61 31.0/61.0 62/61 31.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63.7/62.0 78/66 10.3/2.8] - 74 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][bytes ratio: 0.013 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/65 31.0/65.0 62/65 31.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63.7/62.0 78/66 10.3/2.8] - 75 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 76 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 77 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes] - 78 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 79 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes] - 80 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)] - 81 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] - 82 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Host: lucas-imac][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] - 83 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 84 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 85 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] - 86 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local] - 87 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)] - 88 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Host: lucas-imac][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] - 89 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com][PLAIN TEXT (skypeassets)] - 90 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 91 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 92 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 93 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 94 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 95 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 96 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 97 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 99 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 100 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 101 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes] - 102 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 103 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 104 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 105 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 106 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 107 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 108 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 109 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes] - 110 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 111 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 112 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 113 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 114 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 115 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 116 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 117 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 118 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 119 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 120 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes] - 121 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 122 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 123 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 124 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 125 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 126 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 127 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 128 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 129 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 130 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 131 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 132 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 133 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes] - 134 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 135 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 136 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 137 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 138 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 139 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 140 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes] - 141 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 142 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 143 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 144 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 145 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 146 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes] - 147 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 148 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 149 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 150 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 151 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 152 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 153 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes] - 154 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 155 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 156 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 157 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 158 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 159 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 160 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 161 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 162 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 163 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 164 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 165 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes] - 166 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 167 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 168 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 169 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 170 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 171 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 172 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 173 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 174 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes] - 175 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 176 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 177 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 178 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 179 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 180 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 181 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 182 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 183 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 184 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes] - 185 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 186 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 187 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 188 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 189 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes] - 190 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 191 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 192 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 193 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 194 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 195 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes] - 196 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 197 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 198 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 199 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 200 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 201 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 202 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 203 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 204 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 205 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 206 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 207 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 208 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 209 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 210 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes] - 211 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 212 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 213 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 214 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 215 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 216 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 217 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 218 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 219 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes] - 220 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 221 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 222 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 223 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 224 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 225 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 226 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 227 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 228 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes] - 229 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 230 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 231 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes] - 232 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 233 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 234 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 235 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 236 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes] - 237 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91.125/TLS.Skype][cat: Web/5][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][Goodput ratio: 71.9/91.6][51.22 sec][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 369.6/331.3 45360/45460 3946.4/3735.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235.2/783.8 1506/1506 432.7/564.7][TLSv1][JA3C: 06207a1730b5deeb207b0556e102ded2][Server: *.gateway.messenger.live.com][JA3S: d9699a2032a6c5371343b7f7dfd94abe][Certificate SHA-1: 95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51][Validity: 2014-10-27 22:51:07 - 2016-10-26 22:51:07][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes][Goodput ratio: 77.8/89.2][22.75 sec][bytes ratio: -0.323 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238.2/214.7 3095/3095 411.2/400.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 303.8/611.6 1506/1506 405.8/625.9][PLAIN TEXT (nZREBS)] + 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes][Goodput ratio: 77.4/79.7][68.36 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2272.9/322.9 55625/8255 10013.7/1510.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 239.0/276.3 680/1494 273.4/358.4] + 4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes][Goodput ratio: 88.7/0.0][60.04 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1254.2/0.0 19850/0 4801.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 327/0 372.3/0.0 405/0 28.7/0.0][PLAIN TEXT (NOTIFY )] + 5 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][Goodput ratio: 69.5/0.0][54.57 sec][bytes ratio: 0.958 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3429.1/0.0 6616/0 2850.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 216.3/74.0 251/74 72.3/0.0][TLSv1][Client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726] + 6 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes][Goodput ratio: 75.2/28.9][14.87 sec][bytes ratio: 0.836 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1411.2/27.5 6276/55 1938.6/27.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 270.2/96.7 401/150 156.2/37.9] + 7 TCP 108.160.163.108:443 <-> 192.168.1.34:51222 [proto: 91.121/TLS.Dropbox][cat: Cloud/13][4 pkts/818 bytes <-> 4 pkts/2172 bytes][Goodput ratio: 67.6/87.8][30.64 sec][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 222/2 10212.3/10139.0 30193/30413 14128.5/14335.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 204.5/543.0 343/1020 138.5/477.0] + 8 TCP 192.168.1.34:51295 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][11 pkts/2074 bytes <-> 1 pkts/74 bytes][Goodput ratio: 64.4/0.0][14.82 sec][bytes ratio: 0.931 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1393.0/0.0 6406/0 1894.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 188.5/74.0 233/74 72.7/0.0][TLSv1][Client: apps.skype.com] + 9 TCP 192.168.1.34:51238 <-> 157.55.235.147:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][13 pkts/1446 bytes <-> 4 pkts/266 bytes][Goodput ratio: 39.8/0.0][28.33 sec][bytes ratio: 0.689 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/63 2320.6/63.0 11234/63 3205.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 111.2/66.5 138/74 23.1/5.0] + 10 TCP 192.168.1.34:51262 <-> 213.199.179.176:443 [proto: 91/TLS][cat: Web/5][13 pkts/1437 bytes <-> 3 pkts/200 bytes][Goodput ratio: 39.4/0.0][24.81 sec][bytes ratio: 0.756 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/59 2001.1/59.0 7498/59 2282.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 110.5/66.7 138/74 22.8/5.7] + 11 TCP 192.168.1.34:51241 <-> 157.55.130.176:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1333 bytes <-> 3 pkts/251 bytes][Goodput ratio: 40.6/17.9][18.20 sec][bytes ratio: 0.683 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/123 1300.8/123.0 4567/123 1449.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 111.1/83.7 138/111 32.3/19.6] + 12 TCP 192.168.1.34:51261 <-> 157.55.235.170:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1284 bytes <-> 3 pkts/285 bytes][Goodput ratio: 38.3/27.6][17.85 sec][bytes ratio: 0.637 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/81 1425.4/81.0 4989/81 1713.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 107.0/95.0 138/145 29.6/35.5] + 13 TCP 192.168.1.34:51239 <-> 65.55.223.45:443 [proto: 91/TLS][cat: Web/5][12 pkts/1291 bytes <-> 3 pkts/242 bytes][Goodput ratio: 38.6/14.8][18.81 sec][bytes ratio: 0.684 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/129 1344.9/129.0 4168/129 1444.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 107.6/80.7 138/102 30.0/15.4] + 14 TCP 192.168.1.34:51274 <-> 157.55.235.152:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1235 bytes <-> 3 pkts/285 bytes][Goodput ratio: 35.8/27.6][16.83 sec][bytes ratio: 0.625 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/66 1402.0/66.0 6762/66 1929.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 102.9/95.0 138/145 27.1/35.5] + 15 TCP 192.168.1.34:51260 <-> 157.55.130.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1249 bytes <-> 3 pkts/265 bytes][Goodput ratio: 36.6/22.2][18.45 sec][bytes ratio: 0.650 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/127 1319.8/127.0 4821/127 1497.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 104.1/88.3 138/125 27.8/26.1] + 16 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes][Goodput ratio: 16.2/21.0][30.54 sec][bytes ratio: 0.536 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2454.6/42.0 9200/81 2778.0/39.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.8/84.2 175/137 26.6/30.9] + 17 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes][Goodput ratio: 37.6/23.0][17.61 sec][bytes ratio: 0.626 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/199 1474.6/199.0 4207/199 1525.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/89.3 138/128 30.7/27.5] + 18 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes][Goodput ratio: 38.7/22.4][32.26 sec][bytes ratio: 0.508 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/225 3631.1/5557.0 15560/10889 4792.1/5332.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 107.7/87.8 138/145 34.5/33.2] + 19 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes][Goodput ratio: 11.6/27.4][27.54 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 2212.9/38.5 8343/69 2500.0/30.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 75.6/91.8 117/167 12.0/43.7] + 20 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes][Goodput ratio: 15.1/34.4][12.52 sec][bytes ratio: 0.418 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1044.5/40.5 4851/80 1545.7/39.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.8/103.8 163/171 25.3/41.3] + 21 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes][Goodput ratio: 29.9/27.6][16.56 sec][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/62 1385.6/62.0 6081/62 1874.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 94.2/95.0 138/145 22.5/35.5] + 22 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes][Goodput ratio: 29.9/27.6][17.58 sec][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 1583.2/77.0 5936/77 2058.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 94.2/95.0 138/145 22.5/35.5] + 23 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes][Goodput ratio: 27.6/27.6][17.58 sec][bytes ratio: 0.587 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/78 1583.7/78.0 5941/78 2059.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91.2/95.0 138/145 21.3/35.5] + 24 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes][Goodput ratio: 35.4/22.4][28.19 sec][bytes ratio: 0.489 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3358.6/3765.0 13674/7236 4325.8/3471.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 102.2/87.8 138/145 30.3/33.2] + 25 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes][Goodput ratio: 14.7/24.6][17.15 sec][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 1477.4/38.5 6479/71 1968.0/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.4/90.2 158/147 24.0/32.9] + 26 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes][Goodput ratio: 34.7/22.4][33.88 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/291 3829.8/6655.5 17161/13020 5285.9/6364.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 101.2/87.8 138/145 29.6/33.2] + 27 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes][Goodput ratio: 11.8/22.6][32.35 sec][bytes ratio: 0.483 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2797.1/63.0 14147/123 3995.0/60.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 75.8/86.0 118/144 12.7/33.9] + 28 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes][Goodput ratio: 12.5/21.8][17.40 sec][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/7 1497.1/39.5 6272/72 2024.2/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.5/87.0 133/134 17.7/27.3] + 29 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes][Goodput ratio: 13.3/16.3][32.75 sec][bytes ratio: 0.519 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2832.9/65.0 14399/127 4059.8/62.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77.2/79.5 136/118 17.4/22.8] + 30 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes][Goodput ratio: 15.4/21.9][29.62 sec][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2714.5/103.0 11633/206 3499.6/103.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.2/85.2 157/141 23.7/32.6] + 31 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes][Goodput ratio: 15.4/20.6][27.75 sec][bytes ratio: 0.336 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2724.7/2317.3 12657/6632 3959.4/3053.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.0/85.2 158/146 26.1/30.6] + 32 TCP 192.168.1.34:51246 <-> 157.56.52.44:40020 [proto: 125/Skype][cat: VoIP/10][11 pkts/856 bytes <-> 5 pkts/409 bytes][Goodput ratio: 15.2/17.3][29.81 sec][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2935.2/2960.0 14701/8573 4584.0/3971.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77.8/81.8 156/129 25.5/23.9] + 33 TCP 192.168.1.34:51236 <-> 111.221.74.45:40008 [proto: 125/Skype][cat: VoIP/10][11 pkts/844 bytes <-> 5 pkts/413 bytes][Goodput ratio: 14.0/18.1][28.48 sec][bytes ratio: 0.343 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/16 2814.8/2537.7 12362/7300 3843.3/3369.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.7/82.6 144/133 22.2/25.5] + 34 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/TLS][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes][Goodput ratio: 32.1/27.6][9.23 sec][bytes ratio: 0.547 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/195 632.6/195.0 2177/195 724.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 97.2/95.0 138/145 26.9/35.5] + 35 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes][Goodput ratio: 26.8/22.4][27.81 sec][bytes ratio: 0.440 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/292 3405.5/3304.0 14303/6316 4509.7/3012.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90.2/87.8 138/145 23.2/33.2] + 36 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes][Goodput ratio: 10.9/20.0][27.98 sec][bytes ratio: 0.317 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 2764.7/2391.7 12863/6880 3982.9/3175.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74.1/84.6 115/143 14.4/29.4] + 37 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes][Goodput ratio: 22.5/22.4][30.09 sec][bytes ratio: 0.416 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3510.6/4388.5 15598/8483 4823.8/4094.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 85.2/87.8 138/145 21.6/33.2] + 38 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes][Goodput ratio: 15.9/28.0][17.94 sec][bytes ratio: 0.350 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1703.2/147.5 4607/294 1700.3/146.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.5/94.5 159/164 27.6/40.3] + 39 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes][Goodput ratio: 24.3/27.6][18.79 sec][bytes ratio: 0.507 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/199 2007.5/199.0 5293/199 1964.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87.2/95.0 138/145 22.1/35.5] + 40 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes][Goodput ratio: 73.6/54.1][1.27 sec][Host: __msbrowse__][bytes ratio: 0.678 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1258 253.0/1258.0 1243/1258 495.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 104/92 159.7/92.0 271/92 78.7/0.0][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] + 41 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238/ApplePush][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes][Goodput ratio: 60.7/40.4][10.70 sec][bytes ratio: 0.206 (Upload)][IAT c2s/s2c min/avg/max/stddev: 215/1 3565.3/3493.7 10265/10480 4737.4/4940.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 168.5/111.0 279/156 102.7/45.0] + 42 UDP 192.168.1.34:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][30.07 sec][PLAIN TEXT ( 1573195445)] + 43 UDP 192.168.1.34:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][30.07 sec][PLAIN TEXT ( 1573195445)] + 44 UDP 192.168.1.92:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][30.05 sec][PLAIN TEXT ( 3375359593)] + 45 UDP 192.168.1.92:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][30.05 sec][PLAIN TEXT ( 3375359593)] + 46 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes][Goodput ratio: 56.7/0.0][1.26 sec][Host: __msbrowse__][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210.2/0.0 1261/0 469.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 97.1/0.0 110/0 8.1/0.0][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)] + 47 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes][Goodput ratio: 1.4/1.6][11.59 sec][bytes ratio: 0.071 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2640.0/2885.0 10417/10457 4490.2/4391.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.8/61.2 78/66 8.8/2.4] + 48 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.1/0.0][53.50 sec][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1093/0 7642.3/0.0 27046/0 8520.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] + 49 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.1/0.0][53.50 sec][Host: conn.skype.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1093/0 7642.0/0.0 27046/0 8520.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 81/0 81.0/0.0 81/0 0.0/0.0][PLAIN TEXT (akadns)] + 50 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.41 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1071/0 4400.3/0.0 9094/0 3402.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 51 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.40 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1071/0 4400.3/0.0 9094/0 3402.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 52 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.56 sec][Host: 335.0.7.7.3.rst11.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4425.8/0.0 9099/0 3400.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] + 53 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.50 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1049/0 4416.0/0.0 9099/0 3405.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 54 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.56 sec][Host: 335.0.7.7.3.rst11.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4425.8/0.0 9099/0 3400.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0] + 55 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][26.50 sec][Host: pipe.prd.skypedata.akadns.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1049/0 4416.0/0.0 9099/0 3405.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 89/0 89.0/0.0 89/0 0.0/0.0][PLAIN TEXT (skypedata)] + 56 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.2/0.0][26.33 sec][Host: 335.0.7.7.3.rst0.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4387.8/0.0 9077/0 3404.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] + 57 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.2/0.0][26.33 sec][Host: 335.0.7.7.3.rst0.r.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1010/0 4387.7/0.0 9077/0 3404.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 88/0 88.0/0.0 88/0 0.0/0.0] + 58 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes][Goodput ratio: 1.4/2.0][13.03 sec][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/42 2605.0/4327.7 8814/8854 3477.6/3601.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58.8/61.5 78/66 8.8/2.6] + 59 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.6/0.0][53.51 sec][Host: ui.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1023/0 7644.0/0.0 27037/0 8524.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 72/0 72.0/0.0 72/0 0.0/0.0] + 60 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.50 sec][Host: a.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1045/0 4417.2/0.0 9098/0 3408.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 61 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.46 sec][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4409.2/0.0 9088/0 3399.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 62 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.46 sec][Host: b.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1088/0 4409.2/0.0 9088/0 3399.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 63 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.1/0.0][26.50 sec][Host: a.config.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1044/0 4417.0/0.0 9098/0 3408.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0][PLAIN TEXT (config)] + 64 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.4/0.0][26.56 sec][Host: dsn13.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4426.0/0.0 9099/0 3400.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/0 77.0/0.0 77/0 0.0/0.0] + 65 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.4/0.0][26.56 sec][Host: dsn13.d.skype.net][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4426.0/0.0 9099/0 3400.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/0 77.0/0.0 77/0 0.0/0.0] + 66 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.4/0.0][26.50 sec][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1089/0 4415.7/0.0 9098/0 3405.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] + 67 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.4/0.0][26.50 sec][Host: api.skype.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4416.0/0.0 9098/0 3405.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73.0/0.0 73/0 0.0/0.0] + 68 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes][Goodput ratio: 36.4/0.0][0.69 sec][bytes ratio: 0.223 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/54 26.5/54.0 53/54 26.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97.7/62.0 161/66 45.8/2.8] + 69 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/TLS][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][5.05 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1005/0 1009.8/0.0 1015/0 4.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0] + 70 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes][Goodput ratio: 81.2/0.0][1.26 sec][Host: alicegate][PLAIN TEXT ( EBEMEJEDEFEHEBFEEFCACACACACACA)] + 71 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.4/0.0][1.26 sec][Host: lucasmacbookpro][PLAIN TEXT ( EMFFEDEBFDENEBEDECEPEPELFAFCEP)] + 72 TCP 192.168.1.34:51284 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/237 bytes <-> 3 pkts/186 bytes][Goodput ratio: 21.4/0.0][0.47 sec][bytes ratio: 0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/62 34.0/62.0 68/62 34.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79.0/62.0 105/66 20.8/2.8] + 73 TCP 192.168.1.34:51285 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][Goodput ratio: 2.6/0.0][0.52 sec][bytes ratio: 0.013 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/61 31.0/61.0 62/61 31.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63.7/62.0 78/66 10.3/2.8] + 74 TCP 192.168.1.34:51286 <-> 91.190.218.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes][Goodput ratio: 2.6/0.0][0.36 sec][bytes ratio: 0.013 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/65 31.0/65.0 62/65 31.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 63.7/62.0 78/66 10.3/2.8] + 75 UDP 192.168.1.34:58061 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.7/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 76 UDP 192.168.1.34:59237 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.7/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 77 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][4 pkts/328 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.6/0.0][1.83 sec] + 78 UDP 192.168.1.34:13021 -> 83.31.12.173:23939 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.9/0.0][20.15 sec] + 79 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.9/0.0][20.15 sec] + 80 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Goodput ratio: 57.8/74.3][0.05 sec][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)] + 81 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.7/0.0][0.16 sec] + 82 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.2/0.0][< 1 sec][Host: lucas-imac][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] + 83 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0.0/0.0][0.30 sec] + 84 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48.2/56.6][0.06 sec][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] + 85 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48.2/56.6][0.06 sec][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)] + 86 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 69.9/0.0][< 1 sec][Lucas-iMac.local] + 87 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 53.8/0.0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)] + 88 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 53.8/0.0][< 1 sec][Host: lucas-imac][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)] + 89 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.9/0.0][< 1 sec][Host: apps.skypeassets.com][PLAIN TEXT (skypeassets)] + 90 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 91 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 92 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 93 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 94 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 95 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 96 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 97 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 98 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 99 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 100 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 101 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec] + 102 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 103 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 104 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 105 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 106 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 107 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 108 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 109 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 110 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 111 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 112 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 113 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 114 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 115 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 116 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 117 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 118 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 119 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 120 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec] + 121 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 122 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 123 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 124 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 125 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 126 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 127 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 128 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 129 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 130 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 131 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 132 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 133 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.2/0.0][< 1 sec] + 134 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 135 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 136 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 137 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 138 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 139 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 140 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec] + 141 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 142 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 143 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 144 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 145 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 146 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec] + 147 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 148 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 149 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 150 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 151 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 152 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 153 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.9/0.0][< 1 sec] + 154 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 155 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 156 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 157 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 158 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 159 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 160 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 161 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 162 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 163 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 164 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 165 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.1/0.0][< 1 sec] + 166 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 167 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 168 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 169 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 170 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 171 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 172 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 173 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 174 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40.3/0.0][< 1 sec] + 175 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 176 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 177 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 178 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 179 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 180 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 181 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 182 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 183 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 184 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] + 185 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 186 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 187 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 188 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 189 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.6/0.0][< 1 sec] + 190 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 191 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 192 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 193 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 194 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 195 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 37.7/0.0][< 1 sec] + 196 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 197 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 198 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 199 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 200 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 201 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 202 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 203 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 204 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 205 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 206 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 207 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 208 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 209 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 210 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 36.8/0.0][< 1 sec] + 211 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 212 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 213 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 214 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 215 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 216 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 217 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 218 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 219 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 35.8/0.0][< 1 sec] + 220 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 221 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 222 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 223 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 224 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 225 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 226 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 227 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 228 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.8/0.0][< 1 sec] + 229 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 230 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 231 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 232 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 233 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 234 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 235 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 236 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.5/0.0][< 1 sec] + 237 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] Undetected flows: - 1 TCP 192.168.1.34:51307 <-> 149.13.32.15:13392 [proto: 0/Unknown][19 pkts/16968 bytes <-> 7 pkts/531 bytes][bytes ratio: 0.939 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 625.4/19.3 4127/44 1113.5/18.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 893.1/75.9 1506/123 669.9/19.7] - 2 TCP 192.168.1.34:51312 <-> 149.13.32.15:13392 [proto: 0/Unknown][18 pkts/15111 bytes <-> 7 pkts/531 bytes][bytes ratio: 0.932 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 377.1/18.7 2072/42 641.6/17.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 839.5/75.9 1506/123 680.8/19.7] - 3 TCP 192.168.1.34:51315 <-> 212.161.8.36:13392 [proto: 0/Unknown][16 pkts/11797 bytes <-> 7 pkts/493 bytes][bytes ratio: 0.920 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.8/30.3 1428/74 413.3/31.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 737.3/70.4 1506/85 681.3/7.3] - 4 TCP 192.168.1.34:51317 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/5655 bytes <-> 8 pkts/553 bytes][bytes ratio: 0.822 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 15.4/19.0 43/43 19.1/17.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 471.2/69.1 1506/85 595.5/7.7] - 5 TCP 192.168.1.34:51294 <-> 81.83.77.141:17639 [proto: 0/Unknown][19 pkts/2794 bytes <-> 14 pkts/2303 bytes][bytes ratio: 0.096 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/64 223.7/385.5 1936/2004 481.7/578.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 147.1/164.5 818/1190 199.9/284.9] - 6 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 0/Unknown][17 pkts/2686 bytes <-> 13 pkts/2218 bytes][bytes ratio: 0.095 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 289.9/379.1 2303/2313 573.9/649.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158.0/170.6 843/1090 214.6/266.9] - 7 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 0/Unknown][12 pkts/2194 bytes <-> 8 pkts/1711 bytes][bytes ratio: 0.124 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/102 399.7/620.3 2746/2734 803.5/960.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 182.8/213.9 843/1090 250.3/332.2] - 8 TCP 192.168.1.34:51314 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/1407 bytes <-> 9 pkts/652 bytes][bytes ratio: 0.367 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 86.8/130.0 407/550 121.2/177.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 127.9/72.4 389/104 106.2/11.5] - 9 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 0/Unknown][14 pkts/1104 bytes <-> 5 pkts/392 bytes][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2245.3/26.5 12163/53 3485.7/26.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 78.9/78.4 162/126 23.3/24.2] - 10 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 0/Unknown][14 pkts/1106 bytes <-> 5 pkts/385 bytes][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129.1/25.5 11912/51 3214.7/25.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.0/77.0 164/119 23.8/21.5] - 11 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1070 bytes <-> 4 pkts/420 bytes][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/102 1185.8/102.0 6044/102 1931.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.4/105.0 156/166 22.9/38.7] - 12 TCP 192.168.1.34:51301 <-> 82.224.110.241:38895 [proto: 0/Unknown][11 pkts/835 bytes <-> 7 pkts/647 bytes][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/69 104.0/312.2 618/693 185.9/281.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75.9/92.4 107/127 14.8/20.6] - 13 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 0/Unknown][14 pkts/1093 bytes <-> 4 pkts/333 bytes][bytes ratio: 0.533 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 948.2/22.0 4970/44 1451.3/22.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78.1/83.2 159/127 22.8/25.5] - 14 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 0/Unknown][13 pkts/991 bytes <-> 4 pkts/378 bytes][bytes ratio: 0.448 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/217 1484.5/217.0 8694/217 2596.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.2/94.5 151/118 22.4/22.9] - 15 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 0/Unknown][13 pkts/976 bytes <-> 4 pkts/365 bytes][bytes ratio: 0.456 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 2103.3/67.0 5862/132 2207.5/65.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.1/91.2 128/151 16.4/34.7] - 16 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 0/Unknown][12 pkts/948 bytes <-> 4 pkts/349 bytes][bytes ratio: 0.462 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2726.5/100.0 11748/200 3538.6/100.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.0/87.2 154/149 22.9/36.0] - 17 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 0/Unknown][11 pkts/861 bytes <-> 4 pkts/397 bytes][bytes ratio: 0.369 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1397.3/141.5 5845/283 1794.7/141.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.3/99.2 161/137 26.9/30.0] - 18 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 0/Unknown][12 pkts/942 bytes <-> 3 pkts/284 bytes][bytes ratio: 0.537 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/94 1118.4/94.0 4788/94 1596.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 78.5/94.7 168/136 27.7/29.2] - 19 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 0/Unknown][11 pkts/832 bytes <-> 4 pkts/387 bytes][bytes ratio: 0.365 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 991.8/99.0 4167/195 1282.0/96.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.6/96.8 132/173 18.9/44.1] - 20 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/916 bytes <-> 3 pkts/281 bytes][bytes ratio: 0.530 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 759.1/26.0 3131/52 1053.6/26.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76.3/93.7 122/141 14.3/33.6] - 21 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 0/Unknown][11 pkts/862 bytes <-> 3 pkts/314 bytes][bytes ratio: 0.466 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 418.3/23.0 1902/44 578.5/21.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78.4/104.7 142/174 20.5/49.1] - 22 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 0/Unknown][12 pkts/931 bytes <-> 2 pkts/219 bytes][bytes ratio: 0.619 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/70 984.4/70.0 4078/70 1361.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 77.6/109.5 137/145 18.3/35.5] - 23 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/855 bytes <-> 3 pkts/287 bytes][bytes ratio: 0.497 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 702.7/37.0 3193/74 1013.0/37.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77.7/95.7 135/147 18.5/36.4] - 24 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/848 bytes <-> 3 pkts/286 bytes][bytes ratio: 0.496 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/22 875.6/57.5 3885/93 1222.5/35.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77.1/95.3 128/146 16.6/36.0] - 25 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 0/Unknown][7 pkts/571 bytes <-> 3 pkts/286 bytes][bytes ratio: 0.333 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 183.2/37.5 568/75 215.6/37.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81.6/95.3 139/146 23.8/36.0] - 26 TCP 192.168.1.34:51303 -> 80.121.84.93:62381 [proto: 0/Unknown][7 pkts/546 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1003/0 1175.2/0.0 2021/0 378.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0] - 27 TCP 192.168.1.34:51306 -> 80.121.84.93:62381 [proto: 0/Unknown][6 pkts/468 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1005/0 1007.4/0.0 1013/0 2.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0] - 28 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes] - 29 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes] - 30 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.34:51307 <-> 149.13.32.15:13392 [proto: 0/Unknown][19 pkts/16968 bytes <-> 7 pkts/531 bytes][Goodput ratio: 92.5/12.6][10.40 sec][bytes ratio: 0.939 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 625.4/19.3 4127/44 1113.5/18.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 893.1/75.9 1506/123 669.9/19.7] + 2 TCP 192.168.1.34:51312 <-> 149.13.32.15:13392 [proto: 0/Unknown][18 pkts/15111 bytes <-> 7 pkts/531 bytes][Goodput ratio: 92.1/12.6][6.05 sec][bytes ratio: 0.932 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 377.1/18.7 2072/42 641.6/17.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 839.5/75.9 1506/123 680.8/19.7] + 3 TCP 192.168.1.34:51315 <-> 212.161.8.36:13392 [proto: 0/Unknown][16 pkts/11797 bytes <-> 7 pkts/493 bytes][Goodput ratio: 90.9/5.9][3.34 sec][bytes ratio: 0.920 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.8/30.3 1428/74 413.3/31.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 737.3/70.4 1506/85 681.3/7.3] + 4 TCP 192.168.1.34:51317 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/5655 bytes <-> 8 pkts/553 bytes][Goodput ratio: 85.8/5.2][0.16 sec][bytes ratio: 0.822 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 15.4/19.0 43/43 19.1/17.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 471.2/69.1 1506/85 595.5/7.7] + 5 TCP 192.168.1.34:51294 <-> 81.83.77.141:17639 [proto: 0/Unknown][19 pkts/2794 bytes <-> 14 pkts/2303 bytes][Goodput ratio: 54.7/59.5][4.66 sec][bytes ratio: 0.096 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/64 223.7/385.5 1936/2004 481.7/578.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 147.1/164.5 818/1190 199.9/284.9] + 6 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 0/Unknown][17 pkts/2686 bytes <-> 13 pkts/2218 bytes][Goodput ratio: 57.8/60.7][4.67 sec][bytes ratio: 0.095 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 289.9/379.1 2303/2313 573.9/649.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158.0/170.6 843/1090 214.6/266.9] + 7 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 0/Unknown][12 pkts/2194 bytes <-> 8 pkts/1711 bytes][Goodput ratio: 63.3/68.4][4.10 sec][bytes ratio: 0.124 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/102 399.7/620.3 2746/2734 803.5/960.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 182.8/213.9 843/1090 250.3/332.2] + 8 TCP 192.168.1.34:51314 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/1407 bytes <-> 9 pkts/652 bytes][Goodput ratio: 47.5/7.7][1.10 sec][bytes ratio: 0.367 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 86.8/130.0 407/550 121.2/177.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 127.9/72.4 389/104 106.2/11.5] + 9 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 0/Unknown][14 pkts/1104 bytes <-> 5 pkts/392 bytes][Goodput ratio: 15.2/15.3][27.78 sec][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2245.3/26.5 12163/53 3485.7/26.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 78.9/78.4 162/126 23.3/24.2] + 10 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 0/Unknown][14 pkts/1106 bytes <-> 5 pkts/385 bytes][Goodput ratio: 15.4/13.7][26.33 sec][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129.1/25.5 11912/51 3214.7/25.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.0/77.0 164/119 23.8/21.5] + 11 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1070 bytes <-> 4 pkts/420 bytes][Goodput ratio: 13.6/34.2][15.49 sec][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/102 1185.8/102.0 6044/102 1931.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.4/105.0 156/166 22.9/38.7] + 12 TCP 192.168.1.34:51301 <-> 82.224.110.241:38895 [proto: 0/Unknown][11 pkts/835 bytes <-> 7 pkts/647 bytes][Goodput ratio: 11.6/27.3][1.90 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/69 104.0/312.2 618/693 185.9/281.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75.9/92.4 107/127 14.8/20.6] + 13 TCP 192.168.1.34:51305 <-> 149.13.32.15:13392 [proto: 0/Unknown][14 pkts/1093 bytes <-> 4 pkts/333 bytes][Goodput ratio: 14.4/18.3][12.01 sec][bytes ratio: 0.533 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 948.2/22.0 4970/44 1451.3/22.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78.1/83.2 159/127 22.8/25.5] + 14 TCP 192.168.1.34:51289 <-> 71.238.7.203:18767 [proto: 0/Unknown][13 pkts/991 bytes <-> 4 pkts/378 bytes][Goodput ratio: 13.4/26.9][18.68 sec][bytes ratio: 0.448 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/217 1484.5/217.0 8694/217 2596.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76.2/94.5 151/118 22.4/22.9] + 15 TCP 192.168.1.34:51235 <-> 65.55.223.45:40009 [proto: 0/Unknown][13 pkts/976 bytes <-> 4 pkts/365 bytes][Goodput ratio: 12.1/25.4][24.64 sec][bytes ratio: 0.456 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 2103.3/67.0 5862/132 2207.5/65.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.1/91.2 128/151 16.4/34.7] + 16 TCP 192.168.1.34:51251 <-> 64.4.23.166:40029 [proto: 0/Unknown][12 pkts/948 bytes <-> 4 pkts/349 bytes][Goodput ratio: 15.2/23.7][29.71 sec][bytes ratio: 0.462 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2726.5/100.0 11748/200 3538.6/100.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79.0/87.2 154/149 22.9/36.0] + 17 TCP 192.168.1.34:51288 <-> 76.167.161.6:20274 [proto: 0/Unknown][11 pkts/861 bytes <-> 4 pkts/397 bytes][Goodput ratio: 15.7/31.4][13.03 sec][bytes ratio: 0.369 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1397.3/141.5 5845/283 1794.7/141.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78.3/99.2 161/137 26.9/30.0] + 18 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 0/Unknown][12 pkts/942 bytes <-> 3 pkts/284 bytes][Goodput ratio: 15.9/27.4][12.11 sec][bytes ratio: 0.537 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/94 1118.4/94.0 4788/94 1596.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 78.5/94.7 168/136 27.7/29.2] + 19 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 0/Unknown][11 pkts/832 bytes <-> 4 pkts/387 bytes][Goodput ratio: 12.7/29.6][9.26 sec][bytes ratio: 0.365 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 991.8/99.0 4167/195 1282.0/96.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75.6/96.8 132/173 18.9/44.1] + 20 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/916 bytes <-> 3 pkts/281 bytes][Goodput ratio: 12.2/26.6][8.32 sec][bytes ratio: 0.530 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 759.1/26.0 3131/52 1053.6/26.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76.3/93.7 122/141 14.3/33.6] + 21 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 0/Unknown][11 pkts/862 bytes <-> 3 pkts/314 bytes][Goodput ratio: 14.4/34.3][4.40 sec][bytes ratio: 0.466 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 418.3/23.0 1902/44 578.5/21.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78.4/104.7 142/174 20.5/49.1] + 22 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 0/Unknown][12 pkts/931 bytes <-> 2 pkts/219 bytes][Goodput ratio: 13.6/35.9][10.56 sec][bytes ratio: 0.619 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/70 984.4/70.0 4078/70 1361.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 77.6/109.5 137/145 18.3/35.5] + 23 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/855 bytes <-> 3 pkts/287 bytes][Goodput ratio: 13.7/28.1][6.97 sec][bytes ratio: 0.497 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 702.7/37.0 3193/74 1013.0/37.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77.7/95.7 135/147 18.5/36.4] + 24 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/848 bytes <-> 3 pkts/286 bytes][Goodput ratio: 13.0/27.9][8.38 sec][bytes ratio: 0.496 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/22 875.6/57.5 3885/93 1222.5/35.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77.1/95.3 128/146 16.6/36.0] + 25 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 0/Unknown][7 pkts/571 bytes <-> 3 pkts/286 bytes][Goodput ratio: 17.0/27.9][1.10 sec][bytes ratio: 0.333 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 183.2/37.5 568/75 215.6/37.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81.6/95.3 139/146 23.8/36.0] + 26 TCP 192.168.1.34:51303 -> 80.121.84.93:62381 [proto: 0/Unknown][7 pkts/546 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][7.05 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1003/0 1175.2/0.0 2021/0 378.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0] + 27 TCP 192.168.1.34:51306 -> 80.121.84.93:62381 [proto: 0/Unknown][6 pkts/468 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][5.04 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1005/0 1007.4/0.0 1013/0 2.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78.0/0.0 78/0 0.0/0.0] + 28 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22.1/0.0][1.83 sec] + 29 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0.0/0.0][0.27 sec] + 30 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/smbv1.pcap.out b/tests/result/smbv1.pcap.out index fb5bcc07a..21bab61cc 100644 --- a/tests/result/smbv1.pcap.out +++ b/tests/result/smbv1.pcap.out @@ -1,3 +1,3 @@ SMBv1 7 1197 1 - 1 TCP 172.16.156.130:50927 <-> 10.128.0.243:445 [proto: 16/SMBv1][cat: System/18][4 pkts/669 bytes <-> 3 pkts/528 bytes][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 27/34 32.3/35.0 37/36 4.1/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 136/114 167.2/176.0 194/243 25.6/52.8][PLAIN TEXT (PC NETWORK PROGRAM 1.0)] + 1 TCP 172.16.156.130:50927 <-> 10.128.0.243:445 [proto: 16/SMBv1][cat: System/18][4 pkts/669 bytes <-> 3 pkts/528 bytes][Goodput ratio: 67.6/69.2][0.10 sec][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 27/34 32.3/35.0 37/36 4.1/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 136/114 167.2/176.0 194/243 25.6/52.8][PLAIN TEXT (PC NETWORK PROGRAM 1.0)] diff --git a/tests/result/smpp_in_general.pcap.out b/tests/result/smpp_in_general.pcap.out index bec09ebb2..204f6a802 100644 --- a/tests/result/smpp_in_general.pcap.out +++ b/tests/result/smpp_in_general.pcap.out @@ -1,3 +1,3 @@ SMPP 17 1144 1 - 1 TCP 10.226.202.118:1770 <-> 10.226.202.53:9000 [proto: 207/SMPP][cat: Download-FileTransfer-FileSharing/7][10 pkts/670 bytes <-> 7 pkts/474 bytes][bytes ratio: 0.171 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3848.2/7230.0 28802/28906 9451.2/12514.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 67.0/67.7 104/79 17.3/7.3][PLAIN TEXT (password)] + 1 TCP 10.226.202.118:1770 <-> 10.226.202.53:9000 [proto: 207/SMPP][cat: Download-FileTransfer-FileSharing/7][10 pkts/670 bytes <-> 7 pkts/474 bytes][Goodput ratio: 18.2/16.4][30.95 sec][bytes ratio: 0.171 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3848.2/7230.0 28802/28906 9451.2/12514.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 67.0/67.7 104/79 17.3/7.3][PLAIN TEXT (password)] diff --git a/tests/result/snapchat.pcap.out b/tests/result/snapchat.pcap.out index a8d93c6d7..67981feea 100644 --- a/tests/result/snapchat.pcap.out +++ b/tests/result/snapchat.pcap.out @@ -6,6 +6,6 @@ JA3 Host Stats: 1 10.8.0.1 2 - 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][bytes ratio: 0.162 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 102.1/102.3 503/453 171.6/166.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 254.4/206.6 590/1123 236.6/349.9][TLSv1.2][Client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][bytes ratio: 0.389 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 80.9/85.8 403/353 142.1/131.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 260.6/129.0 590/502 235.8/149.5][TLSv1.2][Client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 283.1/283.1 2052/2000 669.5/649.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 173.6/88.1 590/292 162.7/75.5][TLSv1.2][JA3C: 36e9ceaa96dd810482573844f78a063f][JA3S: fbe78c619e7ea20046131294ad087f05][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 1 TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][Goodput ratio: 77.9/73.8][0.72 sec][bytes ratio: 0.162 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 102.1/102.3 503/453 171.6/166.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 254.4/206.6 590/1123 236.6/349.9][TLSv1.2][Client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][cat: SocialNetwork/6][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][Goodput ratio: 78.4/58.1][0.57 sec][bytes ratio: 0.389 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 80.9/85.8 403/353 142.1/131.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 260.6/129.0 590/502 235.8/149.5][TLSv1.2][Client: feelinsonice-hrd.appspot.com][JA3C: fded31ac9b978e56ce306f8056092f2a][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes][Goodput ratio: 67.8/38.7][2.27 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 283.1/283.1 2052/2000 669.5/649.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 173.6/88.1 590/292 162.7/75.5][TLSv1.2][JA3C: 36e9ceaa96dd810482573844f78a063f][JA3S: fbe78c619e7ea20046131294ad087f05][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/ssdp-m-search.pcap.out b/tests/result/ssdp-m-search.pcap.out index b17e736a5..9faeec8ce 100644 --- a/tests/result/ssdp-m-search.pcap.out +++ b/tests/result/ssdp-m-search.pcap.out @@ -1,3 +1,3 @@ SSDP 19 1197 1 - 1 UDP 192.168.242.8:42253 -> 192.168.242.255:32412 [proto: 12/SSDP][cat: System/18][19 pkts/1197 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 4999/0 4999.4/0.0 5000/0 0.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 63/0 63.0/0.0 63/0 0.0/0.0][PLAIN TEXT (SEARCH )] + 1 UDP 192.168.242.8:42253 -> 192.168.242.255:32412 [proto: 12/SSDP][cat: System/18][19 pkts/1197 bytes -> 0 pkts/0 bytes][Goodput ratio: 33.3/0.0][90.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 4999/0 4999.4/0.0 5000/0 0.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 63/0 63.0/0.0 63/0 0.0/0.0][PLAIN TEXT (SEARCH )] diff --git a/tests/result/ssh.pcap.out b/tests/result/ssh.pcap.out index 78462fc23..a93e4a002 100644 --- a/tests/result/ssh.pcap.out +++ b/tests/result/ssh.pcap.out @@ -1,3 +1,3 @@ SSH 258 35546 1 - 1 TCP 172.16.238.1:58395 <-> 172.16.238.168:22 [proto: 92/SSH][cat: RemoteAccess/12][159 pkts/15615 bytes <-> 99 pkts/19931 bytes][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1845.8/2933.8 166223/166224 14794.2/19692.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 98.2/201.3 970/1346 83.1/283.2][Client: SSH-2.0-OpenSSH_5.3][HASSH-C: 21B457A327CE7A2D4FCE5EF2C42400BD][Server: SSH-2.0-OpenSSH_5.6][HASSH-S: B1C6C0D56317555B85C7005A3DE29325] + 1 TCP 172.16.238.1:58395 <-> 172.16.238.168:22 [proto: 92/SSH][cat: RemoteAccess/12][159 pkts/15615 bytes <-> 99 pkts/19931 bytes][Goodput ratio: 32.7/67.2][248.48 sec][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1845.8/2933.8 166223/166224 14794.2/19692.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 98.2/201.3 970/1346 83.1/283.2][Client: SSH-2.0-OpenSSH_5.3][HASSH-C: 21B457A327CE7A2D4FCE5EF2C42400BD][Server: SSH-2.0-OpenSSH_5.6][HASSH-S: B1C6C0D56317555B85C7005A3DE29325] diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out index d2f8b70c2..5a63b3322 100644 --- a/tests/result/starcraft_battle.pcap.out +++ b/tests/result/starcraft_battle.pcap.out @@ -8,55 +8,55 @@ Google 22 2184 5 Github 3 234 1 Starcraft 236 51494 6 - 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][cat: Web/5][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Host: llnw.blizzard.com][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 44.6/2.6 2914/58 340.9/11.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 56.2/1451.1 241/1514 19.6/290.7][URL: llnw.blizzard.com/sc2-pod-retail/AF11CD00/EU/24621.direct/s2-36281-BA356DD57557728843CAF63A12C79AA3.mfil][StatusCode: 200][ContentType: application/octet-stream][UserAgent: Blizzard Web Client][PLAIN TEXT (GET /sc)] - 2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][bytes ratio: -0.635 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.2/37.4 1016/1086 103.8/132.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 72.7/460.9 249/1514 27.5/593.0][PLAIN TEXT (matteobracci1@gmail.com)] - 3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.948 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.6/3.0 33/34 13.0/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 64.7/1402.4 203/1514 37.1/386.6][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/gc/GCF1DHMH8FDY1434670037434.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12.4/4.3 37/64 16.2/16.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.6/1352.8 203/1514 42.6/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/4j/4J7OUIISCLTQ1436943629210.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 5 TCP 192.168.1.100:3529 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8.4/2.4 34/35 14.0/8.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.4/1352.8 200/1514 41.8/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/yf/YF9PRCZXJVPZ1428591254317.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 6 TCP 192.168.1.100:3530 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.1/3.2 34/47 14.1/11.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.4/1352.8 200/1514 41.8/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/0x/0XQ1VXR8ZR271434128527471.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 7 TCP 192.168.1.100:3531 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8.2/2.3 34/32 14.3/8.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.4/1352.8 200/1514 41.8/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/fa/FA512IPUN0SE1436979936388.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 8 UDP 192.168.1.254:38605 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][11 pkts/4984 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 414/0 453.1/0.0 494/0 30.1/0.0][PLAIN TEXT (osNOTIFY )] - 9 TCP 192.168.1.100:3525 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/545 bytes <-> 6 pkts/3388 bytes][Host: eu.battle.net][bytes ratio: -0.723 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.0/18.0 64/60 27.1/24.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90.8/564.7 263/1514 77.1/672.6][URL: eu.battle.net/sc2/en-gb/data/live-events.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /sc)] - 10 TCP 192.168.1.100:3526 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/547 bytes <-> 5 pkts/3139 bytes][Host: eu.battle.net][bytes ratio: -0.703 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32.8/26.3 70/61 29.1/25.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 91.2/627.8 265/1514 77.9/695.8][URL: eu.battle.net/sc2/en-gb/data/client-homepage.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /sc)] - 11 TCP 192.168.1.100:3516 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 6 pkts/3131 bytes][Host: eu.launcher.battle.net][bytes ratio: -0.702 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.8/18.3 56/55 27.8/25.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 91.5/521.8 267/1514 78.6/654.3][URL: eu.launcher.battle.net/service/s2/regionsxml/regions.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /service/s2/regions)] - 12 TCP 192.168.1.100:3522 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 5 pkts/3071 bytes][Host: eu.launcher.battle.net][bytes ratio: -0.697 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.0/19.3 58/58 29.0/27.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 91.5/614.2 267/1514 78.6/680.1][URL: eu.launcher.battle.net/service/s2/regionsxml/regions.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /service/s2/regions)] - 13 TCP 192.168.1.100:3506 <-> 173.194.113.224:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/632 bytes <-> 4 pkts/667 bytes][Host: www.google-analytics.com][bytes ratio: -0.027 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 28.8/25.0 50/33 18.1/8.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 126.4/166.8 404/481 138.9/181.4][URL: www.google-analytics.com/collect][StatusCode: 200][ContentType: image/gif][UserAgent: Battle.net/1.3.0.5952][PLAIN TEXT (POST /collect HTTP/1.1)] - 14 TCP 192.168.1.100:3518 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/473 bytes <-> 4 pkts/753 bytes][Host: nydus.battle.net][bytes ratio: -0.228 (Download)][IAT c2s/s2c min/avg/max/stddev: 10/0 59.8/33.0 100/66 29.7/33.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 78.8/188.2 191/573 50.4/222.1][URL: nydus.battle.net/S2/enGB/client/alert?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/alert)] - 15 TCP 192.168.1.100:3515 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net][bytes ratio: -0.224 (Download)][IAT c2s/s2c min/avg/max/stddev: 9/0 60.2/34.0 96/68 29.2/34.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79.2/187.2 193/569 51.1/220.4][URL: nydus.battle.net/S2/enGB/client/regions?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/regions)] - 16 TCP 192.168.1.100:3521 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Host: nydus.battle.net][bytes ratio: -0.224 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 59.8/29.5 102/59 33.8/29.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79.2/187.2 193/569 51.1/220.4][URL: nydus.battle.net/S2/enGB/client/regions?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/regions)] - 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/481 bytes <-> 4 pkts/733 bytes][Host: nydus.battle.net][bytes ratio: -0.208 (Download)][IAT c2s/s2c min/avg/max/stddev: 9/0 62.6/32.5 113/65 34.1/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 80.2/183.2 199/553 53.3/213.5][URL: nydus.battle.net/S2/enGB/client/feed/homepage?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/feed/homepa)] - 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/483 bytes <-> 4 pkts/725 bytes][Host: nydus.battle.net][bytes ratio: -0.200 (Download)][IAT c2s/s2c min/avg/max/stddev: 9/0 61.0/32.5 111/65 33.1/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 80.5/181.2 201/545 54.1/210.0][URL: nydus.battle.net/S2/enGB/client/feed/live-event?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/feed/live)] - 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][5 pkts/482 bytes <-> 4 pkts/497 bytes][Host: eu.launcher.battle.net][bytes ratio: -0.015 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 43.0/29.0 58/58 24.8/29.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96.4/124.2 254/317 78.9/111.3][URL: eu.launcher.battle.net/service/s2/alert/en-gb][StatusCode: 200][ContentType: text/plain][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /service/s2/alert/en)] - 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][cat: Game/8][6 pkts/376 bytes <-> 7 pkts/526 bytes][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2624.0/2614.0 6381/6342 2710.7/2730.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 62.7/75.1 74/155 8.8/32.8] - 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 pkts/513 bytes][Host: us.scan.worldofwarcraft.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/0 148.2/101.5 198/203 80.4/101.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 73.4/128.2 139/327 33.1/114.8][URL: us.scan.worldofwarcraft.com/update/Launcher.txt][StatusCode: 200][ContentType: text/plain][UserAgent: ][PLAIN TEXT (GET /update/Launcher.txt HTTP/1)] - 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (bnetcmsus)] - 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes][bytes ratio: 0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13855/13940 14457.0/14457.0 15059/14974 602.0/517.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/66 81.0/77.3 83/83 2.8/8.0] - 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 110.212.58.216.in-addr.arpa] - 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com][PLAIN TEXT (blizzard)] - 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 100.1.168.192.in-addr.arpa][PLAIN TEXT (dynect)] - 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 26.186.239.80.in-addr.arpa][PLAIN TEXT (signup)] - 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/78/78XH2UNU4JYK1434560551687.jpg][StatusCode: 0][ContentType: ][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/mf/MFTH8TS42HKX1430183778319.jpg][StatusCode: 0][ContentType: ][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] - 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net][PLAIN TEXT (battle)] - 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 34 TCP 192.168.1.100:3482 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 35 TCP 192.168.1.100:3489 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 36 TCP 192.168.1.100:3490 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 37 TCP 192.168.1.100:3491 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes] - 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/TLS.Github][cat: Collaborative/15][2 pkts/145 bytes <-> 1 pkts/89 bytes] - 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/120 bytes] - 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/124 bytes][Host: 40.186.239.80.in-addr.arpa][PLAIN TEXT (attens)] - 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes] - 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes] - 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes] - 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes] - 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes] - 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes] - 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes] - 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes] - 50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes] - 51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] - 52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][cat: Web/5][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Goodput ratio: 3.7/96.3][3.22 sec][Host: llnw.blizzard.com][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 44.6/2.6 2914/58 340.9/11.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 56.2/1451.1 241/1514 19.6/290.7][URL: llnw.blizzard.com/sc2-pod-retail/AF11CD00/EU/24621.direct/s2-36281-BA356DD57557728843CAF63A12C79AA3.mfil][StatusCode: 200][ContentType: application/octet-stream][UserAgent: Blizzard Web Client][PLAIN TEXT (GET /sc)] + 2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][Goodput ratio: 25.6/87.6][3.83 sec][bytes ratio: -0.635 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.2/37.4 1016/1086 103.8/132.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 72.7/460.9 249/1514 27.5/593.0][PLAIN TEXT (matteobracci1@gmail.com)] + 3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Goodput ratio: 15.3/96.1][0.10 sec][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.948 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.6/3.0 33/34 13.0/9.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 64.7/1402.4 203/1514 37.1/386.6][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/gc/GCF1DHMH8FDY1434670037434.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Goodput ratio: 19.7/95.9][0.10 sec][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12.4/4.3 37/64 16.2/16.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.6/1352.8 203/1514 42.6/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/4j/4J7OUIISCLTQ1436943629210.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 5 TCP 192.168.1.100:3529 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Goodput ratio: 19.4/95.9][0.07 sec][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8.4/2.4 34/35 14.0/8.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.4/1352.8 200/1514 41.8/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/yf/YF9PRCZXJVPZ1428591254317.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 6 TCP 192.168.1.100:3530 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Goodput ratio: 19.4/95.9][0.08 sec][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10.1/3.2 34/47 14.1/11.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.4/1352.8 200/1514 41.8/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/0x/0XQ1VXR8ZR271434128527471.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 7 TCP 192.168.1.100:3531 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][11 pkts/752 bytes <-> 18 pkts/24350 bytes][Goodput ratio: 19.4/95.9][0.07 sec][Host: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8.2/2.3 34/32 14.3/8.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 68.4/1352.8 200/1514 41.8/456.0][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/fa/FA512IPUN0SE1436979936388.jpg][StatusCode: 200][ContentType: image/jpeg][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 8 UDP 192.168.1.254:38605 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][11 pkts/4984 bytes -> 0 pkts/0 bytes][Goodput ratio: 90.7/0.0][0.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0.0/0.0 0/0 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 414/0 453.1/0.0 494/0 30.1/0.0][PLAIN TEXT (osNOTIFY )] + 9 TCP 192.168.1.100:3525 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/545 bytes <-> 6 pkts/3388 bytes][Goodput ratio: 38.3/89.9][0.18 sec][Host: eu.battle.net][bytes ratio: -0.723 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.0/18.0 64/60 27.1/24.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90.8/564.7 263/1514 77.1/672.6][URL: eu.battle.net/sc2/en-gb/data/live-events.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /sc)] + 10 TCP 192.168.1.100:3526 <-> 80.239.186.40:80 [proto: 7/HTTP][cat: Web/5][6 pkts/547 bytes <-> 5 pkts/3139 bytes][Goodput ratio: 38.5/90.8][0.19 sec][Host: eu.battle.net][bytes ratio: -0.703 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32.8/26.3 70/61 29.1/25.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 91.2/627.8 265/1514 77.9/695.8][URL: eu.battle.net/sc2/en-gb/data/client-homepage.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /sc)] + 11 TCP 192.168.1.100:3516 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 6 pkts/3131 bytes][Goodput ratio: 38.7/88.9][0.17 sec][Host: eu.launcher.battle.net][bytes ratio: -0.702 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.8/18.3 56/55 27.8/25.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 91.5/521.8 267/1514 78.6/654.3][URL: eu.launcher.battle.net/service/s2/regionsxml/regions.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /service/s2/regions)] + 12 TCP 192.168.1.100:3522 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][6 pkts/549 bytes <-> 5 pkts/3071 bytes][Goodput ratio: 38.7/90.6][0.17 sec][Host: eu.launcher.battle.net][bytes ratio: -0.697 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.0/19.3 58/58 29.0/27.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 91.5/614.2 267/1514 78.6/680.1][URL: eu.launcher.battle.net/service/s2/regionsxml/regions.xml][StatusCode: 200][ContentType: application/xml][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /service/s2/regions)] + 13 TCP 192.168.1.100:3506 <-> 173.194.113.224:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/632 bytes <-> 4 pkts/667 bytes][Goodput ratio: 55.3/63.9][0.12 sec][Host: www.google-analytics.com][bytes ratio: -0.027 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 28.8/25.0 50/33 18.1/8.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 126.4/166.8 404/481 138.9/181.4][URL: www.google-analytics.com/collect][StatusCode: 200][ContentType: image/gif][UserAgent: Battle.net/1.3.0.5952][PLAIN TEXT (POST /collect HTTP/1.1)] + 14 TCP 192.168.1.100:3518 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/473 bytes <-> 4 pkts/753 bytes][Goodput ratio: 28.9/68.8][0.30 sec][Host: nydus.battle.net][bytes ratio: -0.228 (Download)][IAT c2s/s2c min/avg/max/stddev: 10/0 59.8/33.0 100/66 29.7/33.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 78.8/188.2 191/573 50.4/222.1][URL: nydus.battle.net/S2/enGB/client/alert?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/alert)] + 15 TCP 192.168.1.100:3515 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Goodput ratio: 29.2/68.7][0.30 sec][Host: nydus.battle.net][bytes ratio: -0.224 (Download)][IAT c2s/s2c min/avg/max/stddev: 9/0 60.2/34.0 96/68 29.2/34.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79.2/187.2 193/569 51.1/220.4][URL: nydus.battle.net/S2/enGB/client/regions?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/regions)] + 16 TCP 192.168.1.100:3521 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/475 bytes <-> 4 pkts/749 bytes][Goodput ratio: 29.2/68.7][0.30 sec][Host: nydus.battle.net][bytes ratio: -0.224 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 59.8/29.5 102/59 33.8/29.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79.2/187.2 193/569 51.1/220.4][URL: nydus.battle.net/S2/enGB/client/regions?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/regions)] + 17 TCP 192.168.1.100:3524 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/481 bytes <-> 4 pkts/733 bytes][Goodput ratio: 30.1/68.0][0.31 sec][Host: nydus.battle.net][bytes ratio: -0.208 (Download)][IAT c2s/s2c min/avg/max/stddev: 9/0 62.6/32.5 113/65 34.1/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 80.2/183.2 199/553 53.3/213.5][URL: nydus.battle.net/S2/enGB/client/feed/homepage?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/feed/homepa)] + 18 TCP 192.168.1.100:3523 <-> 80.239.186.26:80 [proto: 7/HTTP][cat: Web/5][6 pkts/483 bytes <-> 4 pkts/725 bytes][Goodput ratio: 30.4/67.6][0.31 sec][Host: nydus.battle.net][bytes ratio: -0.200 (Download)][IAT c2s/s2c min/avg/max/stddev: 9/0 61.0/32.5 111/65 33.1/32.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 80.5/181.2 201/545 54.1/210.0][URL: nydus.battle.net/S2/enGB/client/feed/live-event?build=enGB&targetRegion=EU][StatusCode: 302][ContentType: text/html][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /S2/enGB/client/feed/live)] + 19 TCP 192.168.1.100:3519 <-> 80.239.186.21:80 [proto: 7/HTTP][cat: Web/5][5 pkts/482 bytes <-> 4 pkts/497 bytes][Goodput ratio: 41.4/52.8][0.17 sec][Host: eu.launcher.battle.net][bytes ratio: -0.015 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 43.0/29.0 58/58 24.8/29.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96.4/124.2 254/317 78.9/111.3][URL: eu.launcher.battle.net/service/s2/alert/en-gb][StatusCode: 200][ContentType: text/plain][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /service/s2/alert/en)] + 20 TCP 192.168.1.100:3427 <-> 80.239.208.193:1119 [proto: 213/Starcraft][cat: Game/8][6 pkts/376 bytes <-> 7 pkts/526 bytes][Goodput ratio: 13.8/22.4][10.56 sec][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2624.0/2614.0 6381/6342 2710.7/2730.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 62.7/75.1 74/155 8.8/32.8] + 21 TCP 192.168.1.100:3512 <-> 12.129.222.54:80 [proto: 7.76/HTTP.WorldOfWarcraft][cat: Game/8][5 pkts/367 bytes <-> 4 pkts/513 bytes][Goodput ratio: 23.1/53.1][0.60 sec][Host: us.scan.worldofwarcraft.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/0 148.2/101.5 198/203 80.4/101.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 73.4/128.2 139/327 33.1/114.8][URL: us.scan.worldofwarcraft.com/update/Launcher.txt][StatusCode: 200][ContentType: text/plain][UserAgent: ][PLAIN TEXT (GET /update/Launcher.txt HTTP/1)] + 22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Goodput ratio: 49.7/78.1][0.09 sec][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (bnetcmsus)] + 23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes][Goodput ratio: 48.0/45.5][28.94 sec][bytes ratio: 0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13855/13940 14457.0/14457.0 15059/14974 602.0/517.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/66 81.0/77.3 83/83 2.8/8.0] + 24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Goodput ratio: 51.1/70.0][0.05 sec][Host: 110.212.58.216.in-addr.arpa] + 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Goodput ratio: 45.2/70.6][0.08 sec][Host: llnw.blizzard.com][PLAIN TEXT (blizzard)] + 26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Goodput ratio: 50.9/67.4][0.06 sec][Host: 100.1.168.192.in-addr.arpa][PLAIN TEXT (dynect)] + 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Goodput ratio: 50.9/65.4][0.17 sec][Host: 26.186.239.80.in-addr.arpa][PLAIN TEXT (signup)] + 28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Goodput ratio: 45.5/0.0][0.04 sec][Host: bnetcmsus-a.akamaihd.net][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/78/78XH2UNU4JYK1434560551687.jpg][StatusCode: 0][ContentType: ][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Goodput ratio: 45.5/0.0][0.04 sec][Host: bnetcmsus-a.akamaihd.net][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/mf/MFTH8TS42HKX1430183778319.jpg][StatusCode: 0][ContentType: ][UserAgent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)] + 30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Goodput ratio: 44.4/54.1][0.08 sec][Host: nydus.battle.net][PLAIN TEXT (battle)] + 31 TCP 192.168.1.100:3479 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.03 sec] + 32 TCP 192.168.1.100:3480 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.04 sec] + 33 TCP 192.168.1.100:3481 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.03 sec] + 34 TCP 192.168.1.100:3482 <-> 2.228.46.114:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.03 sec] + 35 TCP 192.168.1.100:3489 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.05 sec] + 36 TCP 192.168.1.100:3490 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.03 sec] + 37 TCP 192.168.1.100:3491 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.04 sec] + 38 TCP 192.168.1.100:3492 <-> 2.228.46.104:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/167 bytes][Goodput ratio: 0.0/31.5][0.03 sec] + 39 TCP 192.30.252.91:443 <-> 192.168.1.100:3213 [proto: 91.203/TLS.Github][cat: Collaborative/15][2 pkts/145 bytes <-> 1 pkts/89 bytes][Goodput ratio: 21.2/38.9][0.13 sec] + 40 TCP 192.168.1.100:3486 <-> 199.38.164.156:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/120 bytes][Goodput ratio: 0.0/0.0][0.12 sec] + 41 UDP 192.168.1.100:58844 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/124 bytes][Goodput ratio: 50.6/65.6][0.05 sec][Host: 40.186.239.80.in-addr.arpa][PLAIN TEXT (attens)] + 42 TCP 192.168.1.100:3484 <-> 173.194.113.224:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0.0/0.0][0.03 sec] + 43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes][Goodput ratio: 1.8/0.0][0.05 sec] + 44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes][Goodput ratio: 1.8/0.0][0.04 sec] + 45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][3.18 sec] + 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes][Goodput ratio: 4.4/3.3][0.05 sec] + 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes][Goodput ratio: 4.4/3.3][0.06 sec] + 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes][Goodput ratio: 2.3/11.5][0.05 sec] + 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes][Goodput ratio: 2.3/11.5][0.05 sec] + 50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/steam.pcap.out b/tests/result/steam.pcap.out index 40e17df57..30f302f52 100644 --- a/tests/result/steam.pcap.out +++ b/tests/result/steam.pcap.out @@ -1,57 +1,57 @@ Steam 104 9020 55 - 1 UDP 192.168.188.149:45665 <-> 72.165.61.188:27018 [proto: 74/Steam][cat: Game/8][5 pkts/846 bytes <-> 6 pkts/608 bytes][bytes ratio: 0.164 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/0 148.7/123.6 298/289 107.4/115.6][Pkt Len c2s/s2c min/avg/max/stddev: 78/78 169.2/101.3 366/158 116.8/27.6][PLAIN TEXT (H@VS01)] - 2 UDP 192.168.188.149:45665 <-> 68.142.91.34:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 3 UDP 192.168.188.149:45665 <-> 68.142.91.35:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 4 UDP 192.168.188.149:45665 <-> 68.142.91.36:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 5 UDP 192.168.188.149:45665 <-> 68.142.116.178:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 6 UDP 192.168.188.149:45665 <-> 68.142.116.179:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 7 UDP 192.168.188.149:45665 <-> 69.28.145.170:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 8 UDP 192.168.188.149:45665 <-> 69.28.145.170:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 9 UDP 192.168.188.149:45665 <-> 69.28.145.171:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 10 UDP 192.168.188.149:45665 <-> 69.28.145.171:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 11 UDP 192.168.188.149:45665 <-> 69.28.145.172:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 12 UDP 192.168.188.149:45665 <-> 69.28.145.172:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 13 UDP 192.168.188.149:45665 <-> 72.165.61.174:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 14 UDP 192.168.188.149:45665 <-> 72.165.61.174:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 15 UDP 192.168.188.149:45665 <-> 72.165.61.175:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 16 UDP 192.168.188.149:45665 <-> 72.165.61.175:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 17 UDP 192.168.188.149:45665 <-> 72.165.61.176:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][PLAIN TEXT (FIVS01)] - 18 UDP 192.168.188.149:45665 <-> 72.165.61.176:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 19 UDP 192.168.188.149:45665 <-> 72.165.61.185:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 20 UDP 192.168.188.149:45665 <-> 72.165.61.185:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 21 UDP 192.168.188.149:45665 <-> 72.165.61.187:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 22 UDP 192.168.188.149:45665 <-> 72.165.61.187:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 23 UDP 192.168.188.149:45665 <-> 72.165.61.188:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 24 UDP 192.168.188.149:45665 <-> 146.66.152.12:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 25 UDP 192.168.188.149:45665 <-> 146.66.152.12:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 26 UDP 192.168.188.149:45665 <-> 146.66.152.12:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 27 UDP 192.168.188.149:45665 <-> 146.66.152.13:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][PLAIN TEXT (FGVS01)] - 28 UDP 192.168.188.149:45665 <-> 146.66.152.13:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 29 UDP 192.168.188.149:45665 <-> 146.66.152.13:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 30 UDP 192.168.188.149:45665 <-> 146.66.152.14:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 31 UDP 192.168.188.149:45665 <-> 146.66.152.14:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 32 UDP 192.168.188.149:45665 <-> 146.66.152.14:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 33 UDP 192.168.188.149:45665 <-> 146.66.152.15:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 34 UDP 192.168.188.149:45665 <-> 146.66.152.15:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 35 UDP 192.168.188.149:45665 <-> 146.66.152.15:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 36 UDP 192.168.188.149:45665 <-> 208.111.133.84:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 37 UDP 192.168.188.149:45665 <-> 208.111.133.84:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 38 UDP 192.168.188.149:45665 <-> 208.111.133.85:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 39 UDP 192.168.188.149:45665 <-> 208.111.133.85:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes] - 40 UDP 192.168.188.149:45665 <-> 208.111.171.82:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][PLAIN TEXT (b VS01)] - 41 UDP 192.168.188.149:45665 -> 81.171.115.5:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 42 UDP 192.168.188.149:45665 -> 81.171.115.5:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 43 UDP 192.168.188.149:45665 -> 81.171.115.5:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 44 UDP 192.168.188.149:45665 -> 81.171.115.6:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 45 UDP 192.168.188.149:45665 -> 81.171.115.6:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 46 UDP 192.168.188.149:45665 -> 81.171.115.6:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 47 UDP 192.168.188.149:45665 -> 81.171.115.7:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 48 UDP 192.168.188.149:45665 -> 81.171.115.7:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 49 UDP 192.168.188.149:45665 -> 81.171.115.7:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 50 UDP 192.168.188.149:45665 -> 81.171.115.8:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 51 UDP 192.168.188.149:45665 -> 81.171.115.8:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 52 UDP 192.168.188.149:45665 -> 81.171.115.8:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 53 UDP 192.168.188.149:45665 -> 203.77.185.4:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 54 UDP 192.168.188.149:45665 -> 203.77.185.5:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] - 55 UDP 192.168.188.149:45665 -> 208.111.171.83:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.188.149:45665 <-> 72.165.61.188:27018 [proto: 74/Steam][cat: Game/8][5 pkts/846 bytes <-> 6 pkts/608 bytes][Goodput ratio: 75.1/58.5][0.69 sec][bytes ratio: 0.164 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/0 148.7/123.6 298/289 107.4/115.6][Pkt Len c2s/s2c min/avg/max/stddev: 78/78 169.2/101.3 366/158 116.8/27.6][PLAIN TEXT (H@VS01)] + 2 UDP 192.168.188.149:45665 <-> 68.142.91.34:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.09 sec] + 3 UDP 192.168.188.149:45665 <-> 68.142.91.35:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.10 sec] + 4 UDP 192.168.188.149:45665 <-> 68.142.91.36:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.10 sec] + 5 UDP 192.168.188.149:45665 <-> 68.142.116.178:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.02 sec] + 6 UDP 192.168.188.149:45665 <-> 68.142.116.179:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.02 sec] + 7 UDP 192.168.188.149:45665 <-> 69.28.145.170:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 8 UDP 192.168.188.149:45665 <-> 69.28.145.170:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.03 sec] + 9 UDP 192.168.188.149:45665 <-> 69.28.145.171:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.03 sec] + 10 UDP 192.168.188.149:45665 <-> 69.28.145.171:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.03 sec] + 11 UDP 192.168.188.149:45665 <-> 69.28.145.172:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.03 sec] + 12 UDP 192.168.188.149:45665 <-> 69.28.145.172:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.03 sec] + 13 UDP 192.168.188.149:45665 <-> 72.165.61.174:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 14 UDP 192.168.188.149:45665 <-> 72.165.61.174:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 15 UDP 192.168.188.149:45665 <-> 72.165.61.175:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 16 UDP 192.168.188.149:45665 <-> 72.165.61.175:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 17 UDP 192.168.188.149:45665 <-> 72.165.61.176:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec][PLAIN TEXT (FIVS01)] + 18 UDP 192.168.188.149:45665 <-> 72.165.61.176:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 19 UDP 192.168.188.149:45665 <-> 72.165.61.185:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 20 UDP 192.168.188.149:45665 <-> 72.165.61.185:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 21 UDP 192.168.188.149:45665 <-> 72.165.61.187:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 22 UDP 192.168.188.149:45665 <-> 72.165.61.187:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 23 UDP 192.168.188.149:45665 <-> 72.165.61.188:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.04 sec] + 24 UDP 192.168.188.149:45665 <-> 146.66.152.12:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.19 sec] + 25 UDP 192.168.188.149:45665 <-> 146.66.152.12:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.19 sec] + 26 UDP 192.168.188.149:45665 <-> 146.66.152.12:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.20 sec] + 27 UDP 192.168.188.149:45665 <-> 146.66.152.13:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.18 sec][PLAIN TEXT (FGVS01)] + 28 UDP 192.168.188.149:45665 <-> 146.66.152.13:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.18 sec] + 29 UDP 192.168.188.149:45665 <-> 146.66.152.13:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.19 sec] + 30 UDP 192.168.188.149:45665 <-> 146.66.152.14:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.18 sec] + 31 UDP 192.168.188.149:45665 <-> 146.66.152.14:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.18 sec] + 32 UDP 192.168.188.149:45665 <-> 146.66.152.14:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.18 sec] + 33 UDP 192.168.188.149:45665 <-> 146.66.152.15:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.19 sec] + 34 UDP 192.168.188.149:45665 <-> 146.66.152.15:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.19 sec] + 35 UDP 192.168.188.149:45665 <-> 146.66.152.15:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.18 sec] + 36 UDP 192.168.188.149:45665 <-> 208.111.133.84:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.16 sec] + 37 UDP 192.168.188.149:45665 <-> 208.111.133.84:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.15 sec] + 38 UDP 192.168.188.149:45665 <-> 208.111.133.85:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.16 sec] + 39 UDP 192.168.188.149:45665 <-> 208.111.133.85:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.16 sec] + 40 UDP 192.168.188.149:45665 <-> 208.111.171.82:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes <-> 1 pkts/86 bytes][Goodput ratio: 45.6/50.6][0.08 sec][PLAIN TEXT (b VS01)] + 41 UDP 192.168.188.149:45665 -> 81.171.115.5:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 42 UDP 192.168.188.149:45665 -> 81.171.115.5:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 43 UDP 192.168.188.149:45665 -> 81.171.115.5:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 44 UDP 192.168.188.149:45665 -> 81.171.115.6:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 45 UDP 192.168.188.149:45665 -> 81.171.115.6:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 46 UDP 192.168.188.149:45665 -> 81.171.115.6:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 47 UDP 192.168.188.149:45665 -> 81.171.115.7:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 48 UDP 192.168.188.149:45665 -> 81.171.115.7:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 49 UDP 192.168.188.149:45665 -> 81.171.115.7:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 50 UDP 192.168.188.149:45665 -> 81.171.115.8:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 51 UDP 192.168.188.149:45665 -> 81.171.115.8:27018 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 52 UDP 192.168.188.149:45665 -> 81.171.115.8:27019 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 53 UDP 192.168.188.149:45665 -> 203.77.185.4:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 54 UDP 192.168.188.149:45665 -> 203.77.185.5:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] + 55 UDP 192.168.188.149:45665 -> 208.111.171.83:27017 [proto: 74/Steam][cat: Game/8][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 45.6/0.0][< 1 sec] diff --git a/tests/result/teredo.pcap.out b/tests/result/teredo.pcap.out index b8ddbd1ed..79a97d6e0 100644 --- a/tests/result/teredo.pcap.out +++ b/tests/result/teredo.pcap.out @@ -1,7 +1,7 @@ Teredo 24 2574 5 - 1 UDP 10.112.16.67:51812 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][10 pkts/930 bytes <-> 4 pkts/374 bytes][bytes ratio: 0.426 (Upload)][IAT c2s/s2c min/avg/max/stddev: 42/10 2184.0/2486.5 8524/4963 2528.1/2476.5][Pkt Len c2s/s2c min/avg/max/stddev: 82/90 93.0/93.5 95/95 3.7/2.1] - 2 UDP 10.112.16.106:52513 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][2 pkts/206 bytes <-> 2 pkts/302 bytes] - 3 UDP 10.112.16.64:56154 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] - 4 UDP 10.112.16.89:60381 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] - 5 UDP 10.112.16.92:63448 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes] + 1 UDP 10.112.16.67:51812 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][10 pkts/930 bytes <-> 4 pkts/374 bytes][Goodput ratio: 54.8/54.9][17.48 sec][bytes ratio: 0.426 (Upload)][IAT c2s/s2c min/avg/max/stddev: 42/10 2184.0/2486.5 8524/4963 2528.1/2476.5][Pkt Len c2s/s2c min/avg/max/stddev: 82/90 93.0/93.5 95/95 3.7/2.1] + 2 UDP 10.112.16.106:52513 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][2 pkts/206 bytes <-> 2 pkts/302 bytes][Goodput ratio: 58.9/71.9][38.10 sec] + 3 UDP 10.112.16.64:56154 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes][Goodput ratio: 58.7/71.7][0.05 sec] + 4 UDP 10.112.16.89:60381 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes][Goodput ratio: 58.7/71.7][0.05 sec] + 5 UDP 10.112.16.92:63448 <-> 194.136.28.76:3544 [proto: 214/Teredo][cat: Network/14][1 pkts/103 bytes <-> 1 pkts/151 bytes][Goodput ratio: 58.7/71.7][0.05 sec] diff --git a/tests/result/tinc.pcap.out b/tests/result/tinc.pcap.out index b56fa3c45..fed590d35 100644 --- a/tests/result/tinc.pcap.out +++ b/tests/result/tinc.pcap.out @@ -1,6 +1,6 @@ TINC 317 352291 4 - 1 UDP 185.83.218.112:55656 <-> 131.114.168.27:55656 [proto: 209/TINC][cat: VPN/2][29 pkts/30038 bytes <-> 105 pkts/139726 bytes][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 243.6/335.4 1049/2670 434.1/516.5][Pkt Len c2s/s2c min/avg/max/stddev: 158/118 1035.8/1330.7 1502/1510 544.4/412.4][PLAIN TEXT (E@zUIs1)] - 2 UDP 131.114.168.27:55655 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][101 pkts/136966 bytes <-> 29 pkts/32550 bytes][bytes ratio: 0.616 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 442.0/279.8 10377/1045 1172.0/448.4][Pkt Len c2s/s2c min/avg/max/stddev: 118/158 1356.1/1122.4 1510/1502 400.1/533.9][PLAIN TEXT (Cr64lS)] - 3 TCP 131.114.168.27:49290 <-> 185.83.218.112:55656 [proto: 209/TINC][cat: VPN/2][14 pkts/3812 bytes <-> 13 pkts/3098 bytes][bytes ratio: 0.103 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4296.5/18.9 46927/55 13481.0/23.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 272.3/238.3 1093/1091 380.0/362.6][PLAIN TEXT (1 94 64 0 0 5861ABF)] - 4 TCP 131.114.168.27:59244 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][15 pkts/3169 bytes <-> 11 pkts/2932 bytes][bytes ratio: 0.039 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3938.7/31.0 46978/85 12976.9/27.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 211.3/266.5 1093/1091 345.2/387.3][PLAIN TEXT (1 429 672 0 0 2)] + 1 UDP 185.83.218.112:55656 <-> 131.114.168.27:55656 [proto: 209/TINC][cat: VPN/2][29 pkts/30038 bytes <-> 105 pkts/139726 bytes][Goodput ratio: 95.9/96.8][35.82 sec][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 243.6/335.4 1049/2670 434.1/516.5][Pkt Len c2s/s2c min/avg/max/stddev: 158/118 1035.8/1330.7 1502/1510 544.4/412.4][PLAIN TEXT (E@zUIs1)] + 2 UDP 131.114.168.27:55655 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][101 pkts/136966 bytes <-> 29 pkts/32550 bytes][Goodput ratio: 96.9/96.3][42.97 sec][bytes ratio: 0.616 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 442.0/279.8 10377/1045 1172.0/448.4][Pkt Len c2s/s2c min/avg/max/stddev: 118/158 1356.1/1122.4 1510/1502 400.1/533.9][PLAIN TEXT (Cr64lS)] + 3 TCP 131.114.168.27:49290 <-> 185.83.218.112:55656 [proto: 209/TINC][cat: VPN/2][14 pkts/3812 bytes <-> 13 pkts/3098 bytes][Goodput ratio: 79.6/76.0][47.37 sec][bytes ratio: 0.103 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4296.5/18.9 46927/55 13481.0/23.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 272.3/238.3 1093/1091 380.0/362.6][PLAIN TEXT (1 94 64 0 0 5861ABF)] + 4 TCP 131.114.168.27:59244 <-> 185.83.218.112:55655 [proto: 209/TINC][cat: VPN/2][15 pkts/3169 bytes <-> 11 pkts/2932 bytes][Goodput ratio: 73.8/78.7][47.36 sec][bytes ratio: 0.039 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3938.7/31.0 46978/85 12976.9/27.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 211.3/266.5 1093/1091 345.2/387.3][PLAIN TEXT (1 429 672 0 0 2)] diff --git a/tests/result/tor.pcap.out b/tests/result/tor.pcap.out index 4eb9d2efc..8875e4f7c 100644 --- a/tests/result/tor.pcap.out +++ b/tests/result/tor.pcap.out @@ -9,14 +9,14 @@ JA3 Host Stats: 1 192.168.1.252 1 - 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 91.163/TLS.Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][bytes ratio: -0.760 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 212.9/86.0 33482/11394 1581.9/404.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 261.7/1175.6 1514/1514 348.8/544.1][TLSv1][Client: www.jmts2id.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][Server: www.gg562izcxdvqdk.com][JA3S: e1691a31bfe345d2692da75636ddfb00][Certificate SHA-1: C1:93:18:2C:A3:1D:AC:5F:C7:DE:17:8A:4E:B1:E8:13:BB:08:73:3A][Validity: 2013-09-15 00:00:00 - 2014-02-21 23:59:59][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][bytes ratio: -0.790 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 202.5/109.1 30770/31166 1830.3/1316.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 251.7/1247.8 1514/1514 354.5/507.1][TLSv1][Client: www.q4cyamnc6mtokjurvdclt.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (cyamnc6)] - 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2212.0/966.0 44777/37995 8343.4/4770.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 366.4/580.0 1514/1514 349.5/568.1][TLSv1][Client: www.ct7ctrgb6cr7.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (www.ct7)] - 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 91/TLS][cat: Web/5][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 10377.8/8441.0 132386/132736 35221.5/32093.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 322.9/334.8 640/1514 270.5/384.8][TLSv1][Client: www.gfu7hbxpfp.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][Server: www.xkgk7fdx362yyyxib.com][JA3S: 184d532a16876b78846ae6a03f654890][Certificate SHA-1: 94:F9:FF:E2:7F:DB:1F:B8:19:65:20:6F:F6:DE:B6:A5:D5:AF:14:C7][Validity: 2013-10-03 00:00:00 - 2013-11-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][bytes ratio: -0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 6124.3/2564.1 71328/34353 19660.8/8817.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 303.6/349.1 640/1514 266.5/398.3][TLSv1][Client: www.e6r5p57kbafwrxj3plz.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (57kbafwrx)] - 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][bytes ratio: -0.292 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 11234.2/11260.6 72591/72890 25060.3/25130.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 230.7/421.2 640/1514 242.6/402.9][TLSv1][Client: www.t3i3ru.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (ru.com)] - 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/15 6155.3/6464.2 63835/63837 17571.0/19124.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 242.3/430.5 640/1514 246.7/415.8][TLSv1][Client: www.6gyip7tqim7sieb.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (sieb.com)] - 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30033/0 66765.1/0.0 360548/0 103867.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 186/0 186.0/0.0 186/0 0.0/0.0][PLAIN TEXT ( 676879976)] - 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 6282.2/0.0 16006/0 5399.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 151/0 151.0/0.0 151/0 0.0/0.0][PLAIN TEXT (Endian)] - 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes][Host: endian-pc][PLAIN TEXT ( EFEOEEEJEBEOCNFAEDCACACACACACA)] - 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes] + 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 91.163/TLS.Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][Goodput ratio: 77.7/95.4][134.33 sec][bytes ratio: -0.760 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 212.9/86.0 33482/11394 1581.9/404.0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 261.7/1175.6 1514/1514 348.8/544.1][TLSv1][Client: www.jmts2id.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][Server: www.gg562izcxdvqdk.com][JA3S: e1691a31bfe345d2692da75636ddfb00][Certificate SHA-1: C1:93:18:2C:A3:1D:AC:5F:C7:DE:17:8A:4E:B1:E8:13:BB:08:73:3A][Validity: 2013-09-15 00:00:00 - 2014-02-21 23:59:59][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][Goodput ratio: 76.8/95.7][106.13 sec][bytes ratio: -0.790 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 202.5/109.1 30770/31166 1830.3/1316.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 251.7/1247.8 1514/1514 354.5/507.1][TLSv1][Client: www.q4cyamnc6mtokjurvdclt.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (cyamnc6)] + 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][Goodput ratio: 84.4/90.7][109.04 sec][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2212.0/966.0 44777/37995 8343.4/4770.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 366.4/580.0 1514/1514 349.5/568.1][TLSv1][Client: www.ct7ctrgb6cr7.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (www.ct7)] + 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 91/TLS][cat: Web/5][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][Goodput ratio: 82.4/83.7][135.32 sec][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 10377.8/8441.0 132386/132736 35221.5/32093.7][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 322.9/334.8 640/1514 270.5/384.8][TLSv1][Client: www.gfu7hbxpfp.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][Server: www.xkgk7fdx362yyyxib.com][JA3S: 184d532a16876b78846ae6a03f654890][Certificate SHA-1: 94:F9:FF:E2:7F:DB:1F:B8:19:65:20:6F:F6:DE:B6:A5:D5:AF:14:C7][Validity: 2013-10-03 00:00:00 - 2013-11-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][Goodput ratio: 81.2/84.3][108.05 sec][bytes ratio: -0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 6124.3/2564.1 71328/34353 19660.8/8817.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 303.6/349.1 640/1514 266.5/398.3][TLSv1][Client: www.e6r5p57kbafwrxj3plz.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (57kbafwrx)] + 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][Goodput ratio: 74.8/87.0][135.27 sec][bytes ratio: -0.292 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 11234.2/11260.6 72591/72890 25060.3/25130.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 230.7/421.2 640/1514 242.6/402.9][TLSv1][Client: www.t3i3ru.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (ru.com)] + 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][Goodput ratio: 76.2/87.2][74.24 sec][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/15 6155.3/6464.2 63835/63837 17571.0/19124.4][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 242.3/430.5 640/1514 246.7/415.8][TLSv1][Client: www.6gyip7tqim7sieb.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (sieb.com)] + 8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes][Goodput ratio: 77.4/0.0][600.89 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30033/0 66765.1/0.0 360548/0 103867.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 186/0 186.0/0.0 186/0 0.0/0.0][PLAIN TEXT ( 676879976)] + 9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes][Goodput ratio: 58.9/0.0][31.41 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 6282.2/0.0 16006/0 5399.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 151/0 151.0/0.0 151/0 0.0/0.0][PLAIN TEXT (Endian)] + 10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes][Goodput ratio: 83.0/0.0][< 1 sec][Host: endian-pc][PLAIN TEXT ( EFEOEEEJEBEOCNFAEDCACACACACACA)] + 11 TCP 192.168.1.252:51104 -> 157.56.30.46:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/ubntac2.pcap.out b/tests/result/ubntac2.pcap.out index d6e55cce5..a4a57bd4e 100644 --- a/tests/result/ubntac2.pcap.out +++ b/tests/result/ubntac2.pcap.out @@ -1,10 +1,10 @@ UBNTAC2 8 1736 8 - 1 UDP 192.168.1.1:34085 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 2 UDP 192.168.1.1:42838 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 3 UDP 192.168.1.1:44641 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 4 UDP 192.168.1.1:47746 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 5 UDP 192.168.1.1:47871 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 6 UDP 192.168.1.1:52220 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 7 UDP 192.168.1.1:55321 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] - 8 UDP 192.168.1.1:59772 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 1 UDP 192.168.1.1:34085 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 2 UDP 192.168.1.1:42838 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 3 UDP 192.168.1.1:44641 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 4 UDP 192.168.1.1:47746 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 5 UDP 192.168.1.1:47871 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 6 UDP 192.168.1.1:52220 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 7 UDP 192.168.1.1:55321 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] + 8 UDP 192.168.1.1:59772 -> 255.255.255.255:10001 [proto: 31/UBNTAC2][cat: Network/14][1 pkts/217 bytes -> 0 pkts/0 bytes][Goodput ratio: 80.3/0.0][< 1 sec][UniFiSecurityGateway.ER-e120.v4][PLAIN TEXT (UniFiSecurityGateway.ER)] diff --git a/tests/result/upnp.pcap.out b/tests/result/upnp.pcap.out index 3400fbedb..17b5cbdbb 100644 --- a/tests/result/upnp.pcap.out +++ b/tests/result/upnp.pcap.out @@ -1,4 +1,4 @@ UPnP 14 9912 2 - 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 118/0 938.5/0.0 2000/0 751.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 718/0 718.0/0.0 718/0 0.0/0.0][PLAIN TEXT (xml version)] - 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 179/0 1107.3/0.0 2004/0 740.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698.0/0.0 698/0 0.0/0.0][PLAIN TEXT (xml version)] + 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes][Goodput ratio: 91.3/0.0][5.63 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 118/0 938.5/0.0 2000/0 751.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 718/0 718.0/0.0 718/0 0.0/0.0][PLAIN TEXT (xml version)] + 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/UPnP][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes][Goodput ratio: 94.0/0.0][6.64 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 179/0 1107.3/0.0 2004/0 740.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698.0/0.0 698/0 0.0/0.0][PLAIN TEXT (xml version)] diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out index 3953a20e3..b55e4bf8e 100644 --- a/tests/result/viber.pcap.out +++ b/tests/result/viber.pcap.out @@ -13,29 +13,29 @@ JA3 Host Stats: 1 192.168.0.17 2 - 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/TLS.Viber][cat: Chat/9][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][bytes ratio: -0.859 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 162.3/2.3 5370/40 906.6/7.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106.3/1306.2 774/1514 151.1/466.3][TLSv1.2][Client: dl-media.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Organization: Viber Media Sarl][Certificate SHA-1: E1:11:26:E6:14:A5:E6:F7:F1:CB:68:D1:A6:95:A1:5E:11:48:72:2A][Validity: 2016-06-26 00:00:00 - 2018-06-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/TLS.Viber][cat: Chat/9][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][bytes ratio: -0.669 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 622.1/10.0 5492/35 1721.8/14.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154.0/776.4 435/1514 138.2/635.3][TLSv1.2][Client: media.cdn.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.cdn.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Organization: Viber Media Sarl][Certificate SHA-1: B6:30:6F:02:75:A8:08:0A:AE:AA:9C:6C:9F:B5:8E:4C:82:02:3D:39][Validity: 2016-07-03 00:00:00 - 2018-07-03 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91.178/TLS.Amazon][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][bytes ratio: -0.398 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58.4/59.8 176/183 76.2/72.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 217.2/468.0 1514/1514 380.1/569.8][TLSv1.2][Client: brahe.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Organization: Apptimize, Inc][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][cat: VoIP/10][32 pkts/6563 bytes <-> 26 pkts/2782 bytes][bytes ratio: 0.405 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1220.3/1488.8 7187/7333 2089.5/2187.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 205.1/107.0 657/176 184.2/42.7] - 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][bytes ratio: 0.217 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2820.8/2646.3 23555/23575 6837.7/7399.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 355.9/286.3 1038/884 369.7/257.9][TLSv1.2][Client: app-measurement.com][JA3C: 3967ff2d2c9c4d144e7e30f24f4e9761][JA3S: 67619a80665d7ab92d1041b1d11f9164][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 104.0/50.9 273/178 102.4/80.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 130.6/582.9 432/1514 111.7/601.3][TLSv1.2][Client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Organization: Apptimize, Inc][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/TLS][cat: Web/5][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][bytes ratio: -0.605 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.0/18.6 152/60 47.4/24.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153.4/693.2 631/1514 169.0/615.5][TLSv1][Client: venetia.iad.appboy.com][JA3C: d8c87b9bfde38897979e41242626c2f3] - 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][bytes ratio: -0.617 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 93.0/53.0 185/189 87.4/83.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 132.9/560.3 433/1514 110.8/605.1][TLSv1][Client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3] - 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: VoIP/10][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 15/15 303.7/333.6 529/529 208.6/187.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 209.8/104.6 299/118 115.2/19.6][PLAIN TEXT (Android)] - 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: VoIP/10][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 203.1/278.8 513/531 232.5/235.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 173.8/104.0 299/118 120.4/19.8][PLAIN TEXT (Android)] - 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes][PLAIN TEXT (1234567890ABCDEFGHIJKLMNOPQ)] - 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com][PLAIN TEXT (apptimize)] - 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 1906.7/0.0 5652/0 2648.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68.0/70.0 74/74 3.5/4.0] - 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 2422.0/0.0 7191/0 3372.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68.0/70.0 74/74 3.5/4.0] - 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes][PLAIN TEXT (805741C)] - 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Host: app.adjust.com][PLAIN TEXT (adjust)] - 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Host: graph.facebook.com][PLAIN TEXT (facebook)] - 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Host: venetia.iad.appboy.com][PLAIN TEXT (venetia)] - 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Host: media.cdn.viber.com][PLAIN TEXT (cloudfront)] - 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Host: dl-media.viber.com][PLAIN TEXT (cloudfront)] - 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes] - 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com][PLAIN TEXT (measurement)] - 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com][PLAIN TEXT (google)] - 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] - 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes] - 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes] + 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/TLS.Viber][cat: Chat/9][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][Goodput ratio: 37.7/94.9][5.64 sec][bytes ratio: -0.859 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 162.3/2.3 5370/40 906.6/7.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106.3/1306.2 774/1514 151.1/466.3][TLSv1.2][Client: dl-media.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Organization: Viber Media Sarl][Certificate SHA-1: E1:11:26:E6:14:A5:E6:F7:F1:CB:68:D1:A6:95:A1:5E:11:48:72:2A][Validity: 2016-06-26 00:00:00 - 2018-06-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/TLS.Viber][cat: Chat/9][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][Goodput ratio: 56.7/91.4][5.69 sec][bytes ratio: -0.669 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 622.1/10.0 5492/35 1721.8/14.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154.0/776.4 435/1514 138.2/635.3][TLSv1.2][Client: media.cdn.viber.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.cdn.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Organization: Viber Media Sarl][Certificate SHA-1: B6:30:6F:02:75:A8:08:0A:AE:AA:9C:6C:9F:B5:8E:4C:82:02:3D:39][Validity: 2016-07-03 00:00:00 - 2018-07-03 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91.178/TLS.Amazon][cat: Web/5][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][Goodput ratio: 69.3/85.8][1.00 sec][bytes ratio: -0.398 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58.4/59.8 176/183 76.2/72.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 217.2/468.0 1514/1514 380.1/569.8][TLSv1.2][Client: brahe.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Organization: Apptimize, Inc][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][cat: VoIP/10][32 pkts/6563 bytes <-> 26 pkts/2782 bytes][Goodput ratio: 67.8/38.3][46.77 sec][bytes ratio: 0.405 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1220.3/1488.8 7187/7333 2089.5/2187.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 205.1/107.0 657/176 184.2/42.7] + 5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][Goodput ratio: 81.3/76.7][33.94 sec][bytes ratio: 0.217 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2820.8/2646.3 23555/23575 6837.7/7399.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 355.9/286.3 1038/884 369.7/257.9][TLSv1.2][Client: app-measurement.com][JA3C: 3967ff2d2c9c4d144e7e30f24f4e9761][JA3S: 67619a80665d7ab92d1041b1d11f9164][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][Goodput ratio: 48.9/88.7][1.01 sec][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 104.0/50.9 273/178 102.4/80.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 130.6/582.9 432/1514 111.7/601.3][TLSv1.2][Client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Organization: Apptimize, Inc][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/TLS][cat: Web/5][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][Goodput ratio: 54.9/90.3][0.23 sec][bytes ratio: -0.605 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.0/18.6 152/60 47.4/24.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153.4/693.2 631/1514 169.0/615.5][TLSv1][Client: venetia.iad.appboy.com][JA3C: d8c87b9bfde38897979e41242626c2f3] + 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][Goodput ratio: 48.1/88.3][0.92 sec][bytes ratio: -0.617 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 93.0/53.0 185/189 87.4/83.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 132.9/560.3 433/1514 110.8/605.1][TLSv1][Client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3] + 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: VoIP/10][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][Goodput ratio: 80.0/59.8][7.22 sec][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 15/15 303.7/333.6 529/529 208.6/187.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 209.8/104.6 299/118 115.2/19.6][PLAIN TEXT (Android)] + 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: VoIP/10][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][Goodput ratio: 75.8/59.6][5.68 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 203.1/278.8 513/531 232.5/235.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 173.8/104.0 299/118 120.4/19.8][PLAIN TEXT (Android)] + 11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes][Goodput ratio: 97.2/97.2][< 1 sec][PLAIN TEXT (1234567890ABCDEFGHIJKLMNOPQ)] + 12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Goodput ratio: 45.6/88.5][0.00 sec][Host: mapi.apptimize.com][PLAIN TEXT (apptimize)] + 13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0.0/0.0][5.72 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 1906.7/0.0 5652/0 2648.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68.0/70.0 74/74 3.5/4.0] + 14 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0.0/0.0][7.27 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 2422.0/0.0 7191/0 3372.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68.0/70.0 74/74 3.5/4.0] + 15 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/412 bytes -> 0 pkts/0 bytes][Goodput ratio: 59.1/0.0][20.01 sec][PLAIN TEXT (805741C)] + 16 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/303 bytes][Goodput ratio: 42.7/85.9][0.00 sec][Host: app.adjust.com][PLAIN TEXT (adjust)] + 17 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/203 bytes][Goodput ratio: 45.6/78.9][0.00 sec][Host: graph.facebook.com][PLAIN TEXT (facebook)] + 18 UDP 192.168.0.17:44376 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/183 bytes][Goodput ratio: 48.2/76.6][0.03 sec][Host: venetia.iad.appboy.com][PLAIN TEXT (venetia)] + 19 UDP 192.168.0.17:37418 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/185 bytes][Goodput ratio: 46.3/76.9][0.12 sec][Host: media.cdn.viber.com][PLAIN TEXT (cloudfront)] + 20 UDP 192.168.0.17:40445 <-> 192.168.0.15:53 [proto: 5.144/DNS.Viber][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/185 bytes][Goodput ratio: 45.6/76.9][0.03 sec][Host: dl-media.viber.com][PLAIN TEXT (cloudfront)] + 21 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/130 bytes <-> 1 pkts/64 bytes][Goodput ratio: 35.1/33.8][0.00 sec] + 22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46.3/55.2][0.02 sec][Host: app-measurement.com][PLAIN TEXT (measurement)] + 23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Goodput ratio: 42.7/52.7][0.00 sec][Host: www.google.com][PLAIN TEXT (google)] + 24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 11.3/0.0][< 1 sec] + 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes][Goodput ratio: 44.2/31.7][0.03 sec] + 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes][Goodput ratio: 44.2/31.7][0.03 sec] diff --git a/tests/result/vnc.pcap.out b/tests/result/vnc.pcap.out index d2023e612..bb4c40c07 100644 --- a/tests/result/vnc.pcap.out +++ b/tests/result/vnc.pcap.out @@ -1,4 +1,4 @@ VNC 4551 329158 2 - 1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes][bytes ratio: 0.552 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.2/10.2 841/845 31.4/42.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80.1/54.3 89/88 5.3/2.7][PLAIN TEXT (ws57U@4.00)] - 2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes][bytes ratio: 0.512 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 5.9/11.6 538/501 32.4/42.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80.3/54.7 89/88 4.7/4.2] + 1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes][Goodput ratio: 32.1/0.5][16.52 sec][bytes ratio: 0.552 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.2/10.2 841/845 31.4/42.3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80.1/54.3 89/88 5.3/2.7][PLAIN TEXT (ws57U@4.00)] + 2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes][Goodput ratio: 32.3/1.2][4.15 sec][bytes ratio: 0.512 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 5.9/11.6 538/501 32.4/42.6][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80.3/54.7 89/88 4.7/4.2] diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out index b30d22f96..749669238 100644 --- a/tests/result/waze.pcap.out +++ b/tests/result/waze.pcap.out @@ -11,39 +11,39 @@ JA3 Host Stats: 1 10.8.0.1 2 - 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][bytes ratio: -0.747 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 287.7/329.3 3806/5018 686.4/819.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 208.8/1360.9 590/17258 183.0/3378.1][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 320.7/372.6 3680/3677 903.4/959.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68.9/3438.7 317/11833 58.6/3467.6][URL: xtra1.gpsonextra.net/xtra2.bin][StatusCode: 200][ContentType: application/octet-stream][UserAgent: Android][PLAIN TEXT (GET /xtra)] - 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 155.3/188.5 387/415 136.9/130.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115.4/3558.4 590/21942 132.3/6124.9][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][bytes ratio: -0.902 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.8/125.8 1449/293 382.9/116.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 128.0/2829.5 590/11186 147.3/3901.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][bytes ratio: -0.890 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 237.2/155.3 1289/609 358.5/182.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 102.7/2026.6 411/8150 98.2/2611.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 578.4/1210.2 5838/5890 1444.5/1891.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 139.3/518.8 555/3660 140.6/938.6][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][bytes ratio: -0.775 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 162.5/196.0 343/348 153.1/132.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 129.2/1018.9 283/4048 86.6/1610.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][bytes ratio: -0.672 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 298.1/360.9 1175/1175 372.1/354.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 106.8/594.6 315/1422 85.4/584.3][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 283.4/305.9 1174/1173 370.4/349.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 111.6/648.7 315/2165 87.6/739.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 728.7/962.9 4966/4966 1533.8/1663.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 137.5/411.2 380/3201 123.8/874.8][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 195.8/194.7 883/537 285.6/190.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 126.8/383.6 380/2189 106.9/639.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 335.4/261.1 1332/645 428.4/235.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 114.5/490.3 347/2533 94.6/785.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 300.3/341.3 1397/1346 459.1/420.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 131.6/485.4 379/2165 107.7/725.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] - 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75.0/104.8 261/274 88.5/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.7/428.0 137/1678 26.0/650.9][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][ContentType: image/png][UserAgent: /3.9.4.0][PLAIN TEXT (GET /images/HD/CH)] - 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91.126/TLS.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 32.2/74.5 53/188 24.3/68.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 162.4/167.5 572/602 176.8/200.3][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA3S: 23f1f6e2f0015c166df49fdab4280370 (INSECURE)][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA] - 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.7/28.7 134/84 49.8/39.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.2/110.1 194/447 45.7/137.5][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /lang)] - 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes][bytes ratio: 0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 80.5/98.2 289/238 105.9/82.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84.1/95.4 222/245 53.4/66.5][PLAIN TEXT (Android)] - 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105.4/174.3 394/397 152.4/165.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.6/110.1 211/447 54.1/137.5][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /newV)] - 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42.2/69.7 177/177 68.5/77.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.3/110.1 209/447 53.4/137.5][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /lang)] - 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34.4/56.3 169/168 67.3/79.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.9/110.1 206/447 52.3/137.5][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /langs/1.0/lang.portuguese)] - 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/42.3 126/125 50.1/58.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.6/109.9 204/445 51.7/136.8][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /newV)] - 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.8/68.0 176/174 68.0/75.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.0/104.7 207/409 52.7/124.2][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /shields)] - 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes] - 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes] + 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][Goodput ratio: 74.0/96.0][19.68 sec][bytes ratio: -0.747 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 287.7/329.3 3806/5018 686.4/819.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 208.8/1360.9 590/17258 183.0/3378.1][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Goodput ratio: 20.1/98.4][5.27 sec][Host: xtra1.gpsonextra.net][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 320.7/372.6 3680/3677 903.4/959.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68.9/3438.7 317/11833 58.6/3467.6][URL: xtra1.gpsonextra.net/xtra2.bin][StatusCode: 200][ContentType: application/octet-stream][UserAgent: Android][PLAIN TEXT (GET /xtra)] + 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][Goodput ratio: 52.2/98.5][2.64 sec][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 155.3/188.5 387/415 136.9/130.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115.4/3558.4 590/21942 132.3/6124.9][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][Goodput ratio: 56.9/98.1][3.70 sec][bytes ratio: -0.902 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.8/125.8 1449/293 382.9/116.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 128.0/2829.5 590/11186 147.3/3901.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][Goodput ratio: 46.1/97.3][3.22 sec][bytes ratio: -0.890 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 237.2/155.3 1289/609 358.5/182.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 102.7/2026.6 411/8150 98.2/2611.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][Goodput ratio: 60.4/89.6][15.91 sec][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 578.4/1210.2 5838/5890 1444.5/1891.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 139.3/518.8 555/3660 140.6/938.6][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][Goodput ratio: 56.2/94.7][1.29 sec][bytes ratio: -0.775 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 162.5/196.0 343/348 153.1/132.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 129.2/1018.9 283/4048 86.6/1610.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][Goodput ratio: 47.9/90.9][3.03 sec][bytes ratio: -0.672 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 298.1/360.9 1175/1175 372.1/354.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 106.8/594.6 315/1422 85.4/584.3][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][Goodput ratio: 50.0/91.7][2.56 sec][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 283.4/305.9 1174/1173 370.4/349.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 111.6/648.7 315/2165 87.6/739.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][Goodput ratio: 59.5/86.9][6.85 sec][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 728.7/962.9 4966/4966 1533.8/1663.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 137.5/411.2 380/3201 123.8/874.8][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][Goodput ratio: 56.1/85.9][2.36 sec][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 195.8/194.7 883/537 285.6/190.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 126.8/383.6 380/2189 106.9/639.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][Goodput ratio: 51.2/89.0][3.32 sec][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 335.4/261.1 1332/645 428.4/235.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 114.5/490.3 347/2533 94.6/785.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][Goodput ratio: 57.2/88.9][2.45 sec][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 300.3/341.3 1397/1346 459.1/420.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 131.6/485.4 379/2165 107.7/725.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] + 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Goodput ratio: 14.4/87.4][0.53 sec][Host: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75.0/104.8 261/274 88.5/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.7/428.0 137/1678 26.0/650.9][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][ContentType: image/png][UserAgent: /3.9.4.0][PLAIN TEXT (GET /images/HD/CH)] + 15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91.126/TLS.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][Goodput ratio: 64.9/67.7][0.40 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 32.2/74.5 53/188 24.3/68.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 162.4/167.5 572/602 176.8/200.3][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA3S: 23f1f6e2f0015c166df49fdab4280370 (INSECURE)][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA] + 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Goodput ratio: 23.9/50.9][0.14 sec][Host: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.7/28.7 134/84 49.8/39.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.2/110.1 194/447 45.7/137.5][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /lang)] + 17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes][Goodput ratio: 32.8/43.3][0.55 sec][bytes ratio: 0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 80.5/98.2 289/238 105.9/82.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84.1/95.4 222/245 53.4/66.5][PLAIN TEXT (Android)] + 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28.5/50.9][0.54 sec][Host: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105.4/174.3 394/397 152.4/165.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.6/110.1 211/447 54.1/137.5][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /newV)] + 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28.2/50.9][0.29 sec][Host: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42.2/69.7 177/177 68.5/77.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.3/110.1 209/447 53.4/137.5][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /lang)] + 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Goodput ratio: 27.8/50.9][0.23 sec][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34.4/56.3 169/168 67.3/79.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.9/110.1 206/447 52.3/137.5][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /langs/1.0/lang.portuguese)] + 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Goodput ratio: 27.6/50.8][0.14 sec][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/42.3 126/125 50.1/58.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.6/109.9 204/445 51.7/136.8][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /newV)] + 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Goodput ratio: 28.0/48.4][0.29 sec][Host: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.8/68.0 176/174 68.0/75.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.0/104.7 207/409 52.7/124.2][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /shields)] + 23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.01 sec] + 25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.01 sec] + 26 TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.01 sec] + 27 TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.01 sec] + 28 TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 29 TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 30 TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.00 sec] + 31 TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.01 sec] + 32 UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][Goodput ratio: 52.7/52.7][0.31 sec] Undetected flows: - 1 TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 0/Unknown][8 pkts/678 bytes <-> 2 pkts/108 bytes][bytes ratio: 0.725 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4574.6/0.0 16193/0 5409.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 84.8/54.0 91/54 10.8/0.0] + 1 TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 0/Unknown][8 pkts/678 bytes <-> 2 pkts/108 bytes][Goodput ratio: 22.1/0.0][32.03 sec][bytes ratio: 0.725 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4574.6/0.0 16193/0 5409.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 84.8/54.0 91/54 10.8/0.0] diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out index 0c364f78d..dd4e89f65 100644 --- a/tests/result/webex.pcap.out +++ b/tests/result/webex.pcap.out @@ -10,60 +10,60 @@ JA3 Host Stats: 1 10.8.0.1 6 - 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][bytes ratio: -0.915 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 135.3/140.2 2165/2214 262.0/271.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 57.4/1281.6 528/29696 36.0/3034.6][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][bytes ratio: -0.912 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 112.2/100.6 455/404 117.1/99.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 172.0/3745.8 590/18020 205.7/4699.9][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][bytes ratio: -0.750 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 103.7/138.1 1189/1223 219.9/217.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 240.4/1716.9 590/17734 233.4/3587.1][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][Server: *.webex.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2013-10-31 00:00:00 - 2023-10-30 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 143.9/154.3 1031/979 260.1/240.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.5/2130.4 590/8901 135.5/2681.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][bytes ratio: -0.915 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/5 382.9/399.3 1876/1875 577.4/571.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 127.6/2863.1 528/14373 150.1/4303.6][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][bytes ratio: -0.837 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 108.1/138.8 519/469 176.0/157.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 165.0/1864.5 590/8448 193.3/2710.5][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][bytes ratio: 0.305 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1424.5/790.5 16039/7189 2910.5/1472.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 228.8/134.1 590/3961 153.6/546.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1008/0 4782.7/0.0 32494/0 6932.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698.0/0.0 698/0 0.0/0.0][PLAIN TEXT (REGISTER sip)] - 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][bytes ratio: -0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 795.8/451.5 6005/3010 1690.7/777.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157.2/276.2 432/3961 108.2/830.4][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] - 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91.178/TLS.Amazon][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3166.5/655.0 34507/5259 9150.7/1545.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124.0/541.7 590/1502 148.6/614.4][TLSv1][Client: api.crittercism.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: *.crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a (INSECURE)][Certificate SHA-1: 68:8B:FC:77:1E:CA:80:33:0C:A9:0E:29:A6:E4:0D:FC:3A:AE:43:18][Validity: 2015-01-14 00:00:00 - 2020-01-13 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][bytes ratio: -0.663 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 523.4/352.4 2070/1020 729.8/365.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157.4/873.0 576/3993 178.5/1443.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/51 159.6/194.8 357/356 154.1/125.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 187.0/990.0 576/3993 192.5/1507.6][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][bytes ratio: -0.657 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 385.3/312.0 2171/1116 743.4/395.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152.1/827.6 528/2974 166.2/1098.7][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][bytes ratio: -0.656 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/16 385.9/312.5 2179/1125 745.9/385.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152.1/825.0 528/2633 166.2/1028.2][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][bytes ratio: -0.670 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 96.8/110.0 277/276 117.0/105.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 164.4/831.6 528/2581 172.4/1033.3][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][bytes ratio: -0.677 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 545.8/396.2 2119/1071 811.9/386.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 180.1/933.6 528/3961 178.9/1446.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][bytes ratio: -0.677 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 544.8/396.2 2066/1021 793.0/376.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 180.1/933.6 528/3961 178.9/1446.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][bytes ratio: -0.620 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 534.4/640.3 3074/2046 1047.8/713.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152.1/648.7 528/3993 166.2/1254.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 433.0/304.0 2119/1065 771.8/366.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 164.4/723.0 528/2633 172.4/919.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][bytes ratio: -0.449 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 112.6/139.1 555/553 188.7/186.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 166.4/400.9 590/2581 167.4/757.6][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 126.6/190.1 512/509 170.3/159.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 163.5/432.5 590/3961 167.4/1117.3][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117.8/180.3 470/468 157.2/150.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 163.5/432.5 590/3961 167.4/1117.3][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 304.9/639.3 1712/1786 557.1/738.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 163.5/432.5 590/3961 167.4/1117.3][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][bytes ratio: -0.517 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 389.4/620.7 1225/1224 477.2/510.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 171.1/604.4 590/3751 167.6/1199.5][TLSv1.2][Client: ssl.google-analytics.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1][Server: *.google-analytics.com][JA3S: 389ed42c02ebecc32e73aa31def07e14][Organization: Google Inc][Certificate SHA-1: E0:F0:1E:71:F2:B5:D9:2D:F7:4E:8F:CB:10:37:17:7C:0C:C4:07:9D][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/895 bytes <-> 8 pkts/4398 bytes][bytes ratio: -0.662 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 263.0/413.2 1025/1231 416.0/511.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99.4/549.8 380/2581 101.1/889.3][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/10 300.8/483.5 1105/1237 425.1/496.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.1/625.1 380/3993 105.9/1375.1][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/7 298.7/483.0 1096/1238 422.9/497.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.1/625.1 380/3993 105.9/1375.1][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/TLS.Webex][cat: Web/5][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][bytes ratio: -0.546 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/9 125.4/128.6 463/394 174.1/138.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 168.7/574.4 448/2957 157.6/988.7][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: www.webex.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Cisco Systems][Certificate SHA-1: EE:CE:24:B7:67:4D:F0:3F:16:80:F8:DC:E3:53:45:5F:3E:41:25:CD][Validity: 2010-02-19 22:39:26 - 2020-02-18 22:39:26][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/461 bytes <-> 6 pkts/4231 bytes][bytes ratio: -0.803 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/14 596.2/745.0 1927/1038 776.4/424.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.9/705.2 117/2896 22.0/1054.1][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2023-10-30 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/407 bytes <-> 5 pkts/4177 bytes][bytes ratio: -0.822 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 1018.2/992.3 2975/1922 1214.3/785.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 67.8/835.4 117/3961 23.2/1562.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] - 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1465 bytes <-> 11 pkts/1065 bytes][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 77.1/76.9 283/252 98.2/86.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 146.5/96.8 590/396 160.9/101.6][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1388 bytes <-> 10 pkts/1087 bytes][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1644.0/1878.7 10453/11491 3421.2/3952.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 138.8/108.7 590/472 162.8/127.1][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][bytes ratio: 0.376 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8503.6/9920.5 59268/59268 20724.6/22069.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 150.8/68.3 590/183 167.8/40.5][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 34 TCP 10.8.0.1:33554 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][bytes ratio: 0.376 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/1 1877.3/2190.0 12884/12885 4493.7/4783.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 150.8/68.3 590/183 167.8/40.5][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com][bytes ratio: 0.083 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8230.0/114.3 40802/243 16286.2/99.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 161.7/136.8 590/551 194.2/185.2][URL: cp.pushwoosh.com/json/1.3/registerDevice][StatusCode: 200][ContentType: application/json][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; LG-D855 Build/KVT49L.A1412087656)][PLAIN TEXT (POST /j)] - 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes][bytes ratio: 0.477 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 313.8/390.5 1555/1504 620.6/643.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 182.9/75.5 590/183 180.3/48.1][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com][bytes ratio: -0.103 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/105 10286.0/13713.3 40778/40779 17604.8/19138.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124.8/153.4 388/551 131.8/198.8][URL: cp.pushwoosh.com/json/1.3/applicationOpen][StatusCode: 200][ContentType: application/json][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; LG-D855 Build/KVT49L.A1412087656)][PLAIN TEXT (POST /j)] - 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes][bytes ratio: 0.829 (Upload)][IAT c2s/s2c min/avg/max/stddev: 122/117 1602.2/117.0 8966/117 2266.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 47/50 76.5/50.0 84/50 14.4/0.0] - 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 100.6/149.3 442/392 171.7/172.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 102.3/79.8 281/146 81.4/36.1][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][bytes ratio: 0.238 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 112.0/148.3 444/442 191.7/207.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 112.0/86.2 281/183 86.0/55.9][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/501 bytes <-> 4 pkts/216 bytes][bytes ratio: 0.397 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 405.4/1.0 1009/1 490.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.6/54.0 117/54 20.7/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/24 1078.8/2662.5 5297/5301 2109.2/2638.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/11 2407.4/5982.0 11950/11953 4771.4/5971.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 44 TCP 10.8.0.1:41757 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/39 1082.8/2667.0 5292/5295 2104.8/2628.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 45 TCP 10.8.0.1:47135 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/48 1085.0/2670.5 5289/5293 2102.2/2622.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 46 TCP 10.8.0.1:51134 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/7 6007.4/14985.0 29960/29963 11976.3/14978.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 47 TCP 10.8.0.1:51135 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 6006.6/14984.5 29964/29966 11978.7/14981.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 48 TCP 10.8.0.1:51676 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/32 1080.4/2665.0 5295/5298 2107.4/2633.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 49 TCP 10.8.0.1:33511 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][4 pkts/452 bytes <-> 4 pkts/216 bytes][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/22 19827.0/29739.0 59456/59456 28021.9/29717.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 113.0/54.0 270/54 91.0/0.0][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333] - 50 TCP 10.8.0.1:51833 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/51 4998.3/7496.5 14940/14942 7029.8/7445.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.8/54.0 241/54 78.5/0.0][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] - 51 TCP 10.8.0.1:51839 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/50 5044.3/7565.5 15081/15081 7097.0/7515.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.8/54.0 241/54 78.5/0.0][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] - 52 TCP 10.8.0.1:41726 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/299 bytes <-> 4 pkts/216 bytes][bytes ratio: 0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/3 694.7/1040.5 2078/2078 978.2/1037.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.8/54.0 117/54 25.7/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 53 TCP 10.8.0.1:51195 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][3 pkts/245 bytes <-> 2 pkts/108 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] - 54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][3 pkts/209 bytes <-> 2 pkts/108 bytes] - 55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][2 pkts/128 bytes <-> 1 pkts/54 bytes] - 56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes] - 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes] + 1 TCP 10.8.0.1:51155 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][256 pkts/14707 bytes <-> 257 pkts/329379 bytes][Goodput ratio: 5.9/95.8][62.34 sec][bytes ratio: -0.915 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 135.3/140.2 2165/2214 262.0/271.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 57.4/1281.6 528/29696 36.0/3034.6][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 2 TCP 10.8.0.1:41348 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][28 pkts/4815 bytes <-> 28 pkts/104881 bytes][Goodput ratio: 68.2/98.6][2.76 sec][bytes ratio: -0.912 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 112.2/100.6 455/404 117.1/99.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 172.0/3745.8 590/18020 205.7/4699.9][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 3 TCP 10.8.0.1:41346 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][48 pkts/11540 bytes <-> 47 pkts/80696 bytes][Goodput ratio: 77.4/96.9][5.52 sec][bytes ratio: -0.750 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 103.7/138.1 1189/1223 219.9/217.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 240.4/1716.9 590/17734 233.4/3587.1][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][Server: *.webex.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2013-10-31 00:00:00 - 2023-10-30 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 4 TCP 10.8.0.1:41358 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][19 pkts/2005 bytes <-> 19 pkts/40477 bytes][Goodput ratio: 47.8/97.5][2.62 sec][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 143.9/154.3 1031/979 260.1/240.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.5/2130.4 590/8901 135.5/2681.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 5 TCP 10.8.0.1:51194 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][12 pkts/1531 bytes <-> 12 pkts/34357 bytes][Goodput ratio: 56.3/98.1][3.76 sec][bytes ratio: -0.915 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/5 382.9/399.3 1876/1875 577.4/571.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 127.6/2863.1 528/14373 150.1/4303.6][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 6 TCP 10.8.0.1:41354 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][13 pkts/2145 bytes <-> 13 pkts/24239 bytes][Goodput ratio: 66.3/97.1][1.48 sec][bytes ratio: -0.837 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 108.1/138.8 519/469 176.0/157.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 165.0/1864.5 590/8448 193.3/2710.5][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][Goodput ratio: 76.2/59.7][68.57 sec][bytes ratio: 0.305 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1424.5/790.5 16039/7189 2910.5/1472.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 228.8/134.1 590/3961 153.6/546.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][cat: VoIP/10][22 pkts/15356 bytes -> 0 pkts/0 bytes][Goodput ratio: 94.0/0.0][95.92 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1008/0 4782.7/0.0 32494/0 6932.3/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698.0/0.0 698/0 0.0/0.0][PLAIN TEXT (REGISTER sip)] + 9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][Goodput ratio: 65.2/80.4][21.38 sec][bytes ratio: -0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 795.8/451.5 6005/3010 1690.7/777.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157.2/276.2 432/3961 108.2/830.4][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA] + 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91.178/TLS.Amazon][cat: Web/5][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][Goodput ratio: 55.4/90.0][41.17 sec][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3166.5/655.0 34507/5259 9150.7/1545.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124.0/541.7 590/1502 148.6/614.4][TLSv1][Client: api.crittercism.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][Server: *.crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a (INSECURE)][Certificate SHA-1: 68:8B:FC:77:1E:CA:80:33:0C:A9:0E:29:A6:E4:0D:FC:3A:AE:43:18][Validity: 2015-01-14 00:00:00 - 2020-01-13 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][Goodput ratio: 64.2/93.8][3.96 sec][bytes ratio: -0.663 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 523.4/352.4 2070/1020 729.8/365.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157.4/873.0 576/3993 178.5/1443.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][Goodput ratio: 69.5/94.5][1.07 sec][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/51 159.6/194.8 357/356 154.1/125.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 187.0/990.0 576/3993 192.5/1507.6][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][Goodput ratio: 63.0/93.5][3.00 sec][bytes ratio: -0.657 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 385.3/312.0 2171/1116 743.4/395.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152.1/827.6 528/2974 166.2/1098.7][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 14 TCP 10.8.0.1:44492 <-> 64.68.104.140:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 8 pkts/6600 bytes][Goodput ratio: 63.0/93.4][3.01 sec][bytes ratio: -0.656 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/16 385.9/312.5 2179/1125 745.9/385.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152.1/825.0 528/2633 166.2/1028.2][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 15 TCP 10.8.0.1:45814 <-> 62.109.231.3:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/6653 bytes][Goodput ratio: 65.6/93.5][0.78 sec][bytes ratio: -0.670 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 96.8/110.0 277/276 117.0/105.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 164.4/831.6 528/2581 172.4/1033.3][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 16 TCP 10.8.0.1:47498 <-> 209.197.222.159:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][Goodput ratio: 68.4/94.2][3.10 sec][bytes ratio: -0.677 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 545.8/396.2 2119/1071 811.9/386.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 180.1/933.6 528/3961 178.9/1446.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 17 TCP 10.8.0.1:57647 <-> 64.68.121.153:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/1261 bytes <-> 7 pkts/6535 bytes][Goodput ratio: 68.4/94.2][3.09 sec][bytes ratio: -0.677 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 544.8/396.2 2066/1021 793.0/376.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 180.1/933.6 528/3961 178.9/1446.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 18 TCP 10.8.0.1:37129 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/1369 bytes <-> 9 pkts/5838 bytes][Goodput ratio: 63.0/91.7][4.04 sec][bytes ratio: -0.620 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 534.4/640.3 3074/2046 1047.8/713.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152.1/648.7 528/3993 166.2/1254.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 19 TCP 10.8.0.1:51370 <-> 64.68.105.97:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/1315 bytes <-> 8 pkts/5784 bytes][Goodput ratio: 65.6/92.5][2.90 sec][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 433.0/304.0 2119/1065 771.8/366.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 164.4/723.0 528/2633 172.4/919.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 20 TCP 10.8.0.1:55669 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1830 bytes <-> 12 pkts/4811 bytes][Goodput ratio: 66.4/86.5][1.15 sec][bytes ratio: -0.449 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 112.6/139.1 555/553 188.7/186.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 166.4/400.9 590/2581 167.4/757.6][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 21 TCP 10.8.0.1:55665 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][Goodput ratio: 65.8/87.5][1.40 sec][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 126.6/190.1 512/509 170.3/159.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 163.5/432.5 590/3961 167.4/1117.3][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 22 TCP 10.8.0.1:55671 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][Goodput ratio: 65.8/87.5][1.32 sec][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117.8/180.3 470/468 157.2/150.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 163.5/432.5 590/3961 167.4/1117.3][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 23 TCP 10.8.0.1:55687 <-> 173.243.0.110:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][11 pkts/1798 bytes <-> 11 pkts/4757 bytes][Goodput ratio: 65.8/87.5][4.59 sec][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 304.9/639.3 1712/1786 557.1/738.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 163.5/432.5 590/3961 167.4/1117.3][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 24 TCP 10.8.0.1:43433 <-> 216.58.208.40:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1540 bytes <-> 8 pkts/4835 bytes][Goodput ratio: 67.1/91.0][3.85 sec][bytes ratio: -0.517 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 389.4/620.7 1225/1224 477.2/510.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 171.1/604.4 590/3751 167.6/1199.5][TLSv1.2][Client: ssl.google-analytics.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1][Server: *.google-analytics.com][JA3S: 389ed42c02ebecc32e73aa31def07e14][Organization: Google Inc][Certificate SHA-1: E0:F0:1E:71:F2:B5:D9:2D:F7:4E:8F:CB:10:37:17:7C:0C:C4:07:9D][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 25 TCP 10.8.0.1:51646 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][9 pkts/895 bytes <-> 8 pkts/4398 bytes][Goodput ratio: 43.4/90.2][3.11 sec][bytes ratio: -0.662 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 263.0/413.2 1025/1231 416.0/511.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99.4/549.8 380/2581 101.1/889.3][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 26 TCP 10.8.0.1:52219 <-> 64.68.121.100:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][Goodput ratio: 46.2/91.3][4.09 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/10 300.8/483.5 1105/1237 425.1/496.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.1/625.1 380/3993 105.9/1375.1][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 27 TCP 10.8.0.1:55969 <-> 64.68.121.99:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][8 pkts/841 bytes <-> 7 pkts/4376 bytes][Goodput ratio: 46.2/91.3][4.08 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/7 298.7/483.0 1096/1238 422.9/497.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.1/625.1 380/3993 105.9/1375.1][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 28 TCP 10.8.0.1:49048 <-> 23.44.253.243:443 [proto: 91.141/TLS.Webex][cat: Web/5][7 pkts/1181 bytes <-> 7 pkts/4021 bytes][Goodput ratio: 66.2/90.6][0.77 sec][bytes ratio: -0.546 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/9 125.4/128.6 463/394 174.1/138.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 168.7/574.4 448/2957 157.6/988.7][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: www.webex.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Cisco Systems][Certificate SHA-1: EE:CE:24:B7:67:4D:F0:3F:16:80:F8:DC:E3:53:45:5F:3E:41:25:CD][Validity: 2010-02-19 22:39:26 - 2020-02-18 22:39:26][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 29 TCP 10.8.0.1:47116 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/461 bytes <-> 6 pkts/4231 bytes][Goodput ratio: 13.6/92.3][4.09 sec][bytes ratio: -0.803 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/14 596.2/745.0 1927/1038 776.4/424.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.9/705.2 117/2896 22.0/1054.1][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2023-10-30 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 30 TCP 10.8.0.1:47841 <-> 114.29.200.11:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/407 bytes <-> 5 pkts/4177 bytes][Goodput ratio: 15.4/93.5][4.08 sec][bytes ratio: -0.822 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 1018.2/992.3 2975/1922 1214.3/785.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 67.8/835.4 117/3961 23.2/1562.8][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f][Server: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6 (WEAK)][Organization: Cisco Systems, Inc.][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2006-11-08 00:00:00 - 2021-11-07 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA] + 31 TCP 10.8.0.1:33551 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1465 bytes <-> 11 pkts/1065 bytes][Goodput ratio: 61.7/44.2][0.54 sec][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 77.1/76.9 283/252 98.2/86.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 146.5/96.8 590/396 160.9/101.6][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 32 TCP 10.8.0.1:33553 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][10 pkts/1388 bytes <-> 10 pkts/1087 bytes][Goodput ratio: 59.6/50.3][13.16 sec][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1644.0/1878.7 10453/11491 3421.2/3952.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 138.8/108.7 590/472 162.8/127.1][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 33 TCP 10.8.0.1:33512 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][Goodput ratio: 62.7/20.9][59.53 sec][bytes ratio: 0.376 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8503.6/9920.5 59268/59268 20724.6/22069.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 150.8/68.3 590/183 167.8/40.5][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 34 TCP 10.8.0.1:33554 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][9 pkts/1357 bytes <-> 9 pkts/615 bytes][Goodput ratio: 62.7/20.9][13.15 sec][bytes ratio: 0.376 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/1 1877.3/2190.0 12884/12885 4493.7/4783.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 150.8/68.3 590/183 167.8/40.5][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Goodput ratio: 64.5/60.5][41.15 sec][Host: cp.pushwoosh.com][bytes ratio: 0.083 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8230.0/114.3 40802/243 16286.2/99.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 161.7/136.8 590/551 194.2/185.2][URL: cp.pushwoosh.com/json/1.3/registerDevice][StatusCode: 200][ContentType: application/json][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; LG-D855 Build/KVT49L.A1412087656)][PLAIN TEXT (POST /j)] + 36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes][Goodput ratio: 68.9/28.4][1.57 sec][bytes ratio: 0.477 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 313.8/390.5 1555/1504 620.6/643.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 182.9/75.5 590/183 180.3/48.1][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Goodput ratio: 53.4/64.7][41.15 sec][Host: cp.pushwoosh.com][bytes ratio: -0.103 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/105 10286.0/13713.3 40778/40779 17604.8/19138.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124.8/153.4 388/551 131.8/198.8][URL: cp.pushwoosh.com/json/1.3/applicationOpen][StatusCode: 200][ContentType: application/json][UserAgent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; LG-D855 Build/KVT49L.A1412087656)][PLAIN TEXT (POST /j)] + 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes][Goodput ratio: 45.1/15.8][20.24 sec][bytes ratio: 0.829 (Upload)][IAT c2s/s2c min/avg/max/stddev: 122/117 1602.2/117.0 8966/117 2266.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 47/50 76.5/50.0 84/50 14.4/0.0] + 39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][Goodput ratio: 43.9/32.2][0.51 sec][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 100.6/149.3 442/392 171.7/172.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 102.3/79.8 281/146 81.4/36.1][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][Goodput ratio: 48.1/37.3][0.45 sec][bytes ratio: 0.238 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 112.0/148.3 444/442 191.7/207.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 112.0/86.2 281/183 86.0/55.9][TLSv1.2][Client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/501 bytes <-> 4 pkts/216 bytes][Goodput ratio: 12.5/0.0][2.03 sec][bytes ratio: 0.397 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 405.4/1.0 1009/1 490.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.6/54.0 117/54 20.7/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 42 TCP 10.8.0.1:37139 <-> 64.68.105.98:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][5.40 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/24 1078.8/2662.5 5297/5301 2109.2/2638.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 43 TCP 10.8.0.1:41394 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][12.04 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/11 2407.4/5982.0 11950/11953 4771.4/5971.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 44 TCP 10.8.0.1:41757 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][5.42 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/39 1082.8/2667.0 5292/5295 2104.8/2628.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 45 TCP 10.8.0.1:47135 <-> 114.29.202.139:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][5.43 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/48 1085.0/2670.5 5289/5293 2102.2/2622.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 46 TCP 10.8.0.1:51134 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][30.04 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/7 6007.4/14985.0 29960/29963 11976.3/14978.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 47 TCP 10.8.0.1:51135 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][30.03 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 6006.6/14984.5 29964/29966 11978.7/14981.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 48 TCP 10.8.0.1:51676 <-> 114.29.204.49:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/427 bytes <-> 5 pkts/270 bytes][Goodput ratio: 14.7/0.0][5.41 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/32 1080.4/2665.0 5295/5298 2107.4/2633.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71.2/54.0 117/54 22.4/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 49 TCP 10.8.0.1:33511 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][4 pkts/452 bytes <-> 4 pkts/216 bytes][Goodput ratio: 47.7/0.0][59.48 sec][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/22 19827.0/29739.0 59456/59456 28021.9/29717.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 113.0/54.0 270/54 91.0/0.0][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333] + 50 TCP 10.8.0.1:51833 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][Goodput ratio: 44.1/0.0][15.00 sec][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/51 4998.3/7496.5 14940/14942 7029.8/7445.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.8/54.0 241/54 78.5/0.0][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] + 51 TCP 10.8.0.1:51839 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/423 bytes <-> 4 pkts/216 bytes][Goodput ratio: 44.1/0.0][15.14 sec][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/50 5044.3/7565.5 15081/15081 7097.0/7515.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 105.8/54.0 241/54 78.5/0.0][TLSv1][JA3C: 64ea4359ad4b496db653a3f30f7073e6] + 52 TCP 10.8.0.1:41726 <-> 114.29.213.212:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][4 pkts/299 bytes <-> 4 pkts/216 bytes][Goodput ratio: 21.0/0.0][2.09 sec][bytes ratio: 0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/3 694.7/1040.5 2078/2078 978.2/1037.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.8/54.0 117/54 25.7/0.0][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 53 TCP 10.8.0.1:51195 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][3 pkts/245 bytes <-> 2 pkts/108 bytes][Goodput ratio: 25.6/0.0][0.01 sec][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f] + 54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][3 pkts/209 bytes <-> 2 pkts/108 bytes][Goodput ratio: 11.0/0.0][0.06 sec] + 55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][2 pkts/128 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][1.00 sec] + 56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.00 sec] diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out index 5eb35de0f..bd042a8e0 100644 --- a/tests/result/wechat.pcap.out +++ b/tests/result/wechat.pcap.out @@ -18,106 +18,106 @@ JA3 Host Stats: 1 192.168.1.103 3 - 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/TLS.WeChat][cat: Chat/9][88 pkts/15114 bytes <-> 91 pkts/61842 bytes][bytes ratio: -0.607 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/11 6995.1/5836.8 150373/150695 18891.6/18424.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171.8/679.6 264/1254 98.8/593.7] - 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][bytes ratio: -0.619 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 403.2/151.4 10035/951 1616.4/288.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 273.4/1335.6 1306/4350 407.2/922.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][bytes ratio: -0.247 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 537.5/311.6 9999/7018 1832.7/1162.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 479.2/862.7 1306/4059 492.4/921.8][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][bytes ratio: -0.594 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 559.3/53.8 8107/380 1791.8/116.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235.1/1003.2 1306/1494 368.4/649.4][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168.3/172.3 1085/1495 276.4/328.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 360.5/946.2 1306/1754 450.4/673.4][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1291.5/951.0 9696/8423 2839.9/2427.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 312.7/951.5 1306/2922 423.4/963.9][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][bytes ratio: 0.181 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1114.3/1109.9 15327/15635 3311.0/3567.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 516.4/486.9 1306/1754 494.4/579.4][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 776.9/120.1 9999/394 2313.0/166.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 372.7/938.0 1306/5892 453.9/1304.2][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1173.5/415.8 10039/3644 2412.0/984.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 372.6/994.3 1306/8291 453.8/1870.8][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1264.8/1400.8 15319/15624 3541.0/3988.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 605.0/346.1 1494/1494 586.5/471.8][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][bytes ratio: 0.207 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1387.8/1930.0 15313/15715 3511.0/4240.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 482.5/417.5 1306/1754 480.2/530.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][bytes ratio: 0.105 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1165.0/785.7 10037/4544 2455.0/1496.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 463.3/459.0 1306/1754 478.0/578.6][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][bytes ratio: -0.743 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1231.5/212.8 9996/1647 2943.7/472.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 178.2/1048.3 1153/3182 289.6/878.3][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2013-11-05 21:36:50 - 2022-05-20 21:36:50][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 2592.2/2688.5 15693/16086 4162.8/4915.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 386.7/410.9 1306/1754 451.5/550.6][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1502.7/1316.1 9999/7806 2987.1/2505.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 419.9/410.4 1306/1494 461.7/506.9][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 930.8/134.0 9811/287 2680.9/129.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430.0/460.7 1306/1494 463.0/553.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][bytes ratio: 0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 946.7/155.4 9639/333 2625.9/153.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 429.2/460.7 1306/1494 462.8/553.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1139.8/318.4 10004/1570 2698.0/529.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 308.5/492.1 1306/1798 406.0/692.3][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][bytes ratio: -0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2021.5/1535.6 10879/11228 3975.6/3666.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 330.4/427.9 1306/1494 415.8/540.7][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][bytes ratio: -0.051 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 140.3/135.6 356/292 157.1/129.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 376.3/500.4 1306/1754 434.4/627.5][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/TLS.QQ][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][bytes ratio: -0.544 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7939.3/7944.1 44960/45306 14472.3/14556.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 167.1/565.6 571/3484 197.3/986.9][TLSv1.2][Client: res.wx.qq.com][JA3C: 550dce18de1bb143e69d6dd9413b8355][Server: wx.qq.com][JA3S: 290adf098a54ade688d1df074dbecbf2 (WEAK)][Organization: Shenzhen Tencent Computer Systems Company Limited][Certificate SHA-1: 67:53:57:7F:22:BB:D0:A6:D4:5F:A6:D4:B3:0A:13:73:29:23:D0:C9][Validity: 2016-05-10 00:00:00 - 2018-08-09 23:59:59][Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384] - 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/TLS.Google][cat: Web/5][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][bytes ratio: -0.444 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6942.5/6941.6 45055/45055 16248.7/16249.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 141.9/368.7 895/1484 195.7/525.4][TLSv1.2][Client: safebrowsing.googleusercontent.com][JA3C: d551fafc4f40f1dec2bb45980bfa9492][Server: *.googleusercontent.com][JA3S: d655f7cd00e93ea8969c3c6e06f0156f][Organization: Google Inc][Certificate SHA-1: 8B:36:AF:31:A2:4C:EE:50:CC:6F:34:F7:2C:A3:C5:B6:4B:02:AC:53][Validity: 2017-04-05 17:14:46 - 2017-06-28 16:57:00][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] - 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Host: ssl.gstatic.com][bytes ratio: 0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 26.8/2.0 76/4 27.2/1.4][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 501.0/554.8 1392/1392 573.8/598.8][PLAIN TEXT (ssl.gstatic.com)] - 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Collaborative/15][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Host: docs.google.com][bytes ratio: 0.117 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.2/248.4 55/1178 23.0/465.4][Pkt Len c2s/s2c min/avg/max/stddev: 77/70 447.8/303.6 1392/1392 532.3/455.1][PLAIN TEXT (docs.google.comr)] - 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][bytes ratio: -0.565 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 3427.9/1426.0 19999/5411 6454.5/2303.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/463.9 304/1754 76.6/673.1][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][bytes ratio: -0.565 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 3812.8/2235.0 20004/5405 6348.0/2330.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/463.9 304/1754 76.6/673.1][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][bytes ratio: -0.564 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3076.0/848.4 20000/3092 6447.6/1206.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/462.9 304/1494 76.6/600.9][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1665.2/361.5 10763/1441 3452.6/623.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/519.6 304/1494 76.6/622.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2567.1/79.5 19243/317 6304.7/137.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/519.6 304/1494 76.6/622.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1495.8/89.5 10477/358 3399.0/155.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/519.6 304/1494 76.6/622.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][9 pkts/966 bytes <-> 6 pkts/3571 bytes][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1592.0/136.7 10023/410 3446.3/193.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107.3/595.2 304/1754 79.7/731.6][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6683.7/0.0 41917/0 11731.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 102/0 102.0/0.0 102/0 0.0/0.0][PLAIN TEXT (googlecast)] - 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Host: ssl.gstatic.com][bytes ratio: 0.025 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 24.0/16.0 53/47 24.3/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 407.0/387.4 1392/1392 507.8/512.0][PLAIN TEXT (ssl.gstatic.com)] - 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6683.7/0.0 41917/0 11731.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82.0/0.0 82/0 0.0/0.0][PLAIN TEXT (googlecast)] - 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][2 pkts/2508 bytes -> 0 pkts/0 bytes][PLAIN TEXT (G@aRkU)] - 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4607.5/0.0 45060/0 12221.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 102/0 102.0/0.0 102/0 0.0/0.0][PLAIN TEXT (googlecast)] - 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][cat: Web/5][10 pkts/660 bytes <-> 10 pkts/660 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 45051/45051 61958.6/61956.8 180207/180208 44693.7/44694.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/66.0 66/66 0.0/0.0] - 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4607.6/0.0 45058/0 12220.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82.0/0.0 82/0 0.0/0.0][PLAIN TEXT (googlecast)] - 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][13 pkts/866 bytes <-> 4 pkts/280 bytes][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 272/45308 12754.9/45308.0 45020/45308 13611.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.6/70.0 74/74 2.1/4.0] - 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes] - 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/TLS.WeChat][cat: Chat/9][3 pkts/802 bytes <-> 3 pkts/198 bytes][bytes ratio: 0.604 (Upload)][IAT c2s/s2c min/avg/max/stddev: 6562/9679 8102.0/9679.0 9642/9679 1540.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 267.3/66.0 670/66 284.7/0.0] - 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 179.1/0.0 816/0 312.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92.0/0.0 92/0 0.0/0.0][PLAIN TEXT ( EMECEKEBENFHFAFEFIFKCACACACACA)] - 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 409/0 289919.8/0.0 3384346/0 895903.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 54.0/0.0 54/0 0.0/0.0] - 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes][Host: giovanni-pc][PLAIN TEXT ( EHEJEPFGEBEOEOEJ)] - 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 351/910 5596.8/910.0 20327/910 8509.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/70.0 74/74 3.2/4.0] - 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 312/33511 13774.2/33511.0 33196/33511 13761.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/70.0 74/74 3.2/4.0] - 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Host: res.wx.qq.com] - 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 259/0 12545.5/0.0 83360/0 26898.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 252/0 12622.4/0.0 82310/0 26533.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 13105.6/0.0 85920/0 27702.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 251/0 12574.2/0.0 82446/0 26588.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 239/0 13027.5/0.0 84664/0 27319.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 255/0 12398.5/0.0 82310/0 26558.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0][PLAIN TEXT (PLTbOhOof)] - 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/39 4910.0/7363.5 14730/14688 6943.8/7324.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/79.8 66/121 0.0/23.8][PLAIN TEXT (lMRov.)] - 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 325/0 2959.8/0.0 9935/0 4044.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/71.3 74/74 3.2/3.8] - 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 2890.5/0.0 9679/0 3943.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/71.3 74/74 3.2/3.8] - 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 232/0 12971.6/0.0 83248/0 28714.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 13502.0/0.0 85920/0 29594.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/TLS][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes][bytes ratio: 0.107 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 301/1307 11760.5/23331.0 45054/45355 19226.1/22024.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 58.0/58.5 74/66 8.0/5.0] - 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes][bytes ratio: -0.234 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/40 7363.0/7363.5 14726/14687 7363.0/7323.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/79.8 66/121 0.0/23.8] - 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/652 6762.7/10145.0 19992/19638 9355.0/9493.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 54.0/63.2 54/85 0.0/12.8] - 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/74 bytes <-> 1 pkts/391 bytes][Host: web.wechat.com][PLAIN TEXT (wechat)] - 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 45055/45054 45055.5/45055.0 45056/45056 0.5/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/66.0 66/66 0.0/0.0] - 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][6 pkts/396 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 607/0 18483.4/0.0 85584/0 33566.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] - 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Host: safebrowsing.googleusercontent.com][PLAIN TEXT (safebrowsing)] - 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][3 pkts/206 bytes <-> 2 pkts/148 bytes] - 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: iphonedimonica][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (iPhonediMonica)] - 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] - 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] - 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Collaborative/15][1 pkts/75 bytes <-> 1 pkts/227 bytes][Host: docs.google.com][PLAIN TEXT (google)] - 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes] - 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes] - 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes] - 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)] - 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)] - 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)] - 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] - 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan][PLAIN TEXT (debian)] - 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org][PLAIN TEXT (debian)] - 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org][PLAIN TEXT (debian)] - 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)] - 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)] - 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)] - 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)] - 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][2 pkts/132 bytes -> 0 pkts/0 bytes] - 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes] - 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes] - 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes] - 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes] - 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] - 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] - 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes] - 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] - 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)] - 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] - 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes] + 1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91.197/TLS.WeChat][cat: Chat/9][88 pkts/15114 bytes <-> 91 pkts/61842 bytes][Goodput ratio: 61.6/90.3][553.47 sec][bytes ratio: -0.607 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/11 6995.1/5836.8 150373/150695 18891.6/18424.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171.8/679.6 264/1254 98.8/593.7] + 2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][Goodput ratio: 75.8/95.0][15.73 sec][bytes ratio: -0.619 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 403.2/151.4 10035/951 1616.4/288.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 273.4/1335.6 1306/4350 407.2/922.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][Goodput ratio: 86.2/92.3][23.11 sec][bytes ratio: -0.247 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 537.5/311.6 9999/7018 1832.7/1162.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 479.2/862.7 1306/4059 492.4/921.8][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][Goodput ratio: 71.7/93.4][27.77 sec][bytes ratio: -0.594 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 559.3/53.8 8107/380 1791.8/116.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235.1/1003.2 1306/1494 368.4/649.4][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][Goodput ratio: 81.6/93.0][14.74 sec][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168.3/172.3 1085/1495 276.4/328.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 360.5/946.2 1306/1754 450.4/673.4][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][Goodput ratio: 78.8/93.0][28.03 sec][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1291.5/951.0 9696/8423 2839.9/2427.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 312.7/951.5 1306/2922 423.4/963.9][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][Goodput ratio: 87.2/86.4][38.16 sec][bytes ratio: 0.181 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1114.3/1109.9 15327/15635 3311.0/3567.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 516.4/486.9 1306/1754 494.4/579.4][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][Goodput ratio: 82.2/92.9][13.58 sec][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 776.9/120.1 9999/394 2313.0/166.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 372.7/938.0 1306/5892 453.9/1304.2][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][Goodput ratio: 82.2/93.3][22.24 sec][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1173.5/415.8 10039/3644 2412.0/984.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 372.6/994.3 1306/8291 453.8/1870.8][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][Goodput ratio: 89.0/80.8][31.02 sec][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1264.8/1400.8 15319/15624 3541.0/3988.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 605.0/346.1 1494/1494 586.5/471.8][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][Goodput ratio: 86.2/84.1][47.29 sec][bytes ratio: 0.207 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1387.8/1930.0 15313/15715 3511.0/4240.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 482.5/417.5 1306/1754 480.2/530.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][Goodput ratio: 85.7/85.5][22.50 sec][bytes ratio: 0.105 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1165.0/785.7 10037/4544 2455.0/1496.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 463.3/459.0 1306/1754 478.0/578.6][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][Goodput ratio: 62.6/93.6][13.04 sec][bytes ratio: -0.743 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1231.5/212.8 9996/1647 2943.7/472.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 178.2/1048.3 1153/3182 289.6/878.3][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2013-11-05 21:36:50 - 2022-05-20 21:36:50][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][Goodput ratio: 82.8/83.7][47.03 sec][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 2592.2/2688.5 15693/16086 4162.8/4915.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 386.7/410.9 1306/1754 451.5/550.6][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][Goodput ratio: 84.2/83.8][25.19 sec][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1502.7/1316.1 9999/7806 2987.1/2505.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 419.9/410.4 1306/1494 461.7/506.9][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][Goodput ratio: 84.5/85.5][11.52 sec][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 930.8/134.0 9811/287 2680.9/129.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430.0/460.7 1306/1494 463.0/553.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][Goodput ratio: 84.5/85.5][11.77 sec][bytes ratio: 0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 946.7/155.4 9639/333 2625.9/153.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 429.2/460.7 1306/1494 462.8/553.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][Goodput ratio: 78.4/86.3][14.48 sec][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1139.8/318.4 10004/1570 2698.0/529.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 308.5/492.1 1306/1798 406.0/692.3][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][Goodput ratio: 79.8/84.4][22.95 sec][bytes ratio: -0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2021.5/1535.6 10879/11228 3975.6/3666.2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 330.4/427.9 1306/1494 415.8/540.7][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][Goodput ratio: 82.3/86.6][11.54 sec][bytes ratio: -0.051 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 140.3/135.6 356/292 157.1/129.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 376.3/500.4 1306/1754 434.4/627.5][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/TLS.QQ][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][Goodput ratio: 66.7/90.0][72.13 sec][bytes ratio: -0.544 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7939.3/7944.1 44960/45306 14472.3/14556.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 167.1/565.6 571/3484 197.3/986.9][TLSv1.2][Client: res.wx.qq.com][JA3C: 550dce18de1bb143e69d6dd9413b8355][Server: wx.qq.com][JA3S: 290adf098a54ade688d1df074dbecbf2 (WEAK)][Organization: Shenzhen Tencent Computer Systems Company Limited][Certificate SHA-1: 67:53:57:7F:22:BB:D0:A6:D4:5F:A6:D4:B3:0A:13:73:29:23:D0:C9][Validity: 2016-05-10 00:00:00 - 2018-08-09 23:59:59][Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384] + 22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/TLS.Google][cat: Web/5][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][Goodput ratio: 53.1/82.0][135.40 sec][bytes ratio: -0.444 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6942.5/6941.6 45055/45055 16248.7/16249.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 141.9/368.7 895/1484 195.7/525.4][TLSv1.2][Client: safebrowsing.googleusercontent.com][JA3C: d551fafc4f40f1dec2bb45980bfa9492][Server: *.googleusercontent.com][JA3S: d655f7cd00e93ea8969c3c6e06f0156f][Organization: Google Inc][Certificate SHA-1: 8B:36:AF:31:A2:4C:EE:50:CC:6F:34:F7:2C:A3:C5:B6:4B:02:AC:53][Validity: 2017-04-05 17:14:46 - 2017-06-28 16:57:00][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] + 23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Goodput ratio: 91.6/92.4][0.18 sec][Host: ssl.gstatic.com][bytes ratio: 0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 26.8/2.0 76/4 27.2/1.4][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 501.0/554.8 1392/1392 573.8/598.8][PLAIN TEXT (ssl.gstatic.com)] + 24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][cat: Collaborative/15][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Goodput ratio: 90.6/86.1][1.33 sec][Host: docs.google.com][bytes ratio: 0.117 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.2/248.4 55/1178 23.0/465.4][Pkt Len c2s/s2c min/avg/max/stddev: 77/70 447.8/303.6 1392/1392 532.3/455.1][PLAIN TEXT (docs.google.comr)] + 25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][Goodput ratio: 35.2/85.3][27.78 sec][bytes ratio: -0.565 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 3427.9/1426.0 19999/5411 6454.5/2303.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/463.9 304/1754 76.6/673.1][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][Goodput ratio: 35.2/85.3][30.78 sec][bytes ratio: -0.565 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 3812.8/2235.0 20004/5405 6348.0/2330.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/463.9 304/1754 76.6/673.1][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][Goodput ratio: 35.2/85.5][24.98 sec][bytes ratio: -0.564 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3076.0/848.4 20000/3092 6447.6/1206.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/462.9 304/1494 76.6/600.9][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][Goodput ratio: 35.2/87.1][13.33 sec][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1665.2/361.5 10763/1441 3452.6/623.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/519.6 304/1494 76.6/622.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][Goodput ratio: 35.2/87.1][20.54 sec][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2567.1/79.5 19243/317 6304.7/137.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/519.6 304/1494 76.6/622.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][Goodput ratio: 35.2/87.1][11.97 sec][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1495.8/89.5 10477/358 3399.0/155.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/519.6 304/1494 76.6/622.0][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][9 pkts/966 bytes <-> 6 pkts/3571 bytes][Goodput ratio: 37.6/88.7][11.54 sec][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1592.0/136.7 10023/410 3446.3/193.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107.3/595.2 304/1754 79.7/731.6][TLSv1.2][Client: web.wechat.com][JA3C: e330bca99c8a5256ae126a55c4c725c5][Server: web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Organization: Tencent Mobility Limited][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.2/0.0][3914.88 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6683.7/0.0 41917/0 11731.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 102/0 102.0/0.0 102/0 0.0/0.0][PLAIN TEXT (googlecast)] + 33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Goodput ratio: 89.6/89.1][0.12 sec][Host: ssl.gstatic.com][bytes ratio: 0.025 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 24.0/16.0 53/47 24.3/19.2][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 407.0/387.4 1392/1392 507.8/512.0][PLAIN TEXT (ssl.gstatic.com)] + 34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.8/0.0][3914.88 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6683.7/0.0 41917/0 11731.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82.0/0.0 82/0 0.0/0.0][PLAIN TEXT (googlecast)] + 35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][2 pkts/2508 bytes -> 0 pkts/0 bytes][Goodput ratio: 94.7/0.0][17.47 sec][PLAIN TEXT (G@aRkU)] + 36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.2/0.0][123.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4607.5/0.0 45060/0 12221.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 102/0 102.0/0.0 102/0 0.0/0.0][PLAIN TEXT (googlecast)] + 37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][cat: Web/5][10 pkts/660 bytes <-> 10 pkts/660 bytes][Goodput ratio: 0.0/0.0][540.78 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 45051/45051 61958.6/61956.8 180207/180208 44693.7/44694.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/66.0 66/66 0.0/0.0] + 38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.7/0.0][123.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4607.6/0.0 45058/0 12220.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82.0/0.0 82/0 0.0/0.0][PLAIN TEXT (googlecast)] + 39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][13 pkts/866 bytes <-> 4 pkts/280 bytes][Goodput ratio: 0.0/0.0][140.92 sec][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 272/45308 12754.9/45308.0 45020/45308 13611.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.6/70.0 74/74 2.1/4.0] + 40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes][Goodput ratio: 81.6/0.0][92.69 sec] + 41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91.197/TLS.WeChat][cat: Chat/9][3 pkts/802 bytes <-> 3 pkts/198 bytes][Goodput ratio: 75.2/0.0][16.21 sec][bytes ratio: 0.604 (Upload)][IAT c2s/s2c min/avg/max/stddev: 6562/9679 8102.0/9679.0 9642/9679 1540.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 267.3/66.0 670/66 284.7/0.0] + 42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes][Goodput ratio: 54.3/0.0][1.44 sec][Host: lbjamwptxz][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 179.1/0.0 816/0 312.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92.0/0.0 92/0 0.0/0.0][PLAIN TEXT ( EMECEKEBENFHFAFEFIFKCACACACACA)] + 43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][3769.99 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 409/0 289919.8/0.0 3384346/0 895903.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 54.0/0.0 54/0 0.0/0.0] + 44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes][Goodput ratio: 83.1/0.0][3600.00 sec][Host: giovanni-pc][PLAIN TEXT ( EHEJEPFGEBEOEOEJ)] + 45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes][Goodput ratio: 0.0/0.0][22.72 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 351/910 5596.8/910.0 20327/910 8509.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/70.0 74/74 3.2/4.0] + 46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 4 pkts/280 bytes][Goodput ratio: 0.0/0.0][55.41 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 312/33511 13774.2/33511.0 33196/33511 13761.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/70.0 74/74 3.2/4.0] + 47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][cat: Chat/9][1 pkts/73 bytes <-> 1 pkts/537 bytes][Goodput ratio: 41.9/92.0][0.03 sec][Host: res.wx.qq.com] + 48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][100.37 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 259/0 12545.5/0.0 83360/0 26898.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][100.98 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 252/0 12622.4/0.0 82310/0 26533.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][104.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 13105.6/0.0 85920/0 27702.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][100.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 251/0 12574.2/0.0 82446/0 26588.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][104.22 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 239/0 13027.5/0.0 84664/0 27319.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][99.19 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 255/0 12398.5/0.0 82310/0 26558.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0][PLAIN TEXT (PLTbOhOof)] + 54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes][Goodput ratio: 0.0/17.2][14.77 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/39 4910.0/7363.5 14730/14688 6943.8/7324.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/79.8 66/121 0.0/23.8][PLAIN TEXT (lMRov.)] + 55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes][Goodput ratio: 0.0/0.0][11.84 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 325/0 2959.8/0.0 9935/0 4044.7/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/71.3 74/74 3.2/3.8] + 56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][5 pkts/338 bytes <-> 3 pkts/214 bytes][Goodput ratio: 0.0/0.0][11.56 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 2890.5/0.0 9679/0 3943.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67.6/71.3 74/74 3.2/3.8] + 57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][90.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 232/0 12971.6/0.0 83248/0 28714.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][94.52 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 13502.0/0.0 85920/0 29594.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/TLS][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes][Goodput ratio: 0.0/0.0][47.04 sec][bytes ratio: 0.107 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 301/1307 11760.5/23331.0 45054/45355 19226.1/22024.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 58.0/58.5 74/66 8.0/5.0] + 60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes][Goodput ratio: 0.0/17.2][14.77 sec][bytes ratio: -0.234 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/40 7363.0/7363.5 14726/14687 7363.0/7323.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/79.8 66/121 0.0/23.8] + 61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes][Goodput ratio: 0.0/12.2][20.65 sec][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/652 6762.7/10145.0 19992/19638 9355.0/9493.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 54.0/63.2 54/85 0.0/12.8] + 62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/74 bytes <-> 1 pkts/391 bytes][Goodput ratio: 42.7/89.0][0.28 sec][Host: web.wechat.com][PLAIN TEXT (wechat)] + 63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91.126/TLS.Google][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes][Goodput ratio: 0.0/0.0][90.15 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 45055/45054 45055.5/45055.0 45056/45056 0.5/1.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66.0/66.0 66/66 0.0/0.0] + 64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][6 pkts/396 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][92.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 607/0 18483.4/0.0 85584/0 33566.2/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66.0/0.0 66/0 0.0/0.0] + 65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/272 bytes][Goodput ratio: 54.7/84.2][0.04 sec][Host: safebrowsing.googleusercontent.com][PLAIN TEXT (safebrowsing)] + 66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][3 pkts/206 bytes <-> 2 pkts/148 bytes][Goodput ratio: 0.0/0.0][1.65 sec] + 67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.5/0.0][< 1 sec][Host: iphonedimonica][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (iPhonediMonica)] + 68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Goodput ratio: 43.4/81.7][0.04 sec][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] + 69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes <-> 1 pkts/234 bytes][Goodput ratio: 43.4/81.7][0.03 sec][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] + 70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][cat: Collaborative/15][1 pkts/75 bytes <-> 1 pkts/227 bytes][Goodput ratio: 43.4/81.1][0.04 sec][Host: docs.google.com][PLAIN TEXT (google)] + 71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][3756.16 sec] + 72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0.0/0.0][0.36 sec] + 73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][3763.44 sec] + 74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.33 sec] + 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 30.9/0.0][0.01 sec][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)] + 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.4/0.0][0.01 sec][Host: cansaqcq][PLAIN TEXT (cansaqcq)] + 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29.4/0.0][0.01 sec][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)] + 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.9/0.0][5.01 sec][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] + 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.3/0.0][< 1 sec][Host: 1.debian.pool.ntp.org.lan][PLAIN TEXT (debian)] + 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.5/0.0][2.46 sec][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] + 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.5/0.0][5.01 sec][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] + 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Goodput ratio: 47.9/0.0][< 1 sec][Host: 2.debian.pool.ntp.org][PLAIN TEXT (debian)] + 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Goodput ratio: 47.9/0.0][< 1 sec][Host: 1.debian.pool.ntp.org][PLAIN TEXT (debian)] + 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.5/0.0][5.01 sec][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)] + 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.7/0.0][0.01 sec][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)] + 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.01 sec][Host: cansaqcq][PLAIN TEXT (cansaqcq)] + 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38.0/0.0][0.01 sec][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)] + 88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][35.46 sec] + 89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.35 sec] + 90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: Chat/9][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.31 sec] + 91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][135.44 sec] + 92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 6.0/0.0][1.43 sec] + 93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 52.7/0.0][< 1 sec] + 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.6/0.0][< 1 sec][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] + 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.6/0.0][< 1 sec][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)] + 97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 27.6/0.0][< 1 sec] + 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.2/0.0][< 1 sec][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] + 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.2/0.0][< 1 sec][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] + 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48.2/0.0][< 1 sec][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)] + 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46.3/0.0][< 1 sec][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)] + 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.4/0.0][< 1 sec][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)] + 103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out index 3cee8abf0..867dd4950 100644 --- a/tests/result/weibo.pcap.out +++ b/tests/result/weibo.pcap.out @@ -10,47 +10,47 @@ JA3 Host Stats: 1 192.168.1.105 1 - 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Host: img.t.sinajs.cn][bytes ratio: -0.860 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.0/29.3 400/372 66.4/64.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/1324.7 533/4374 116.5/822.8][URL: img.t.sinajs.cn/t6/style/css/module/base/frame.css?version=201605130537][StatusCode: 200][ContentType: text/css][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/css/module/base/f)] - 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Host: img.t.sinajs.cn][bytes ratio: -0.866 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 47.7/38.7 314/338 88.7/81.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113.2/1266.4 549/2938 132.2/620.2][URL: img.t.sinajs.cn/t6/style/css/module/combination/comb_login.css?version=201605130537][StatusCode: 200][ContentType: text/css][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/css/module/combin)] - 3 TCP 192.168.1.105:51698 <-> 93.188.134.137:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][40 pkts/3462 bytes <-> 39 pkts/34030 bytes][Host: www.weibo.com][bytes ratio: -0.815 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24.9/22.7 482/454 83.8/80.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 86.6/872.6 516/2938 69.2/915.2][URL: www.weibo.com/login.php?lang=en-us][StatusCode: 200][ContentType: text/html][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /login.php)] - 4 TCP 192.168.1.105:35807 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][27 pkts/2298 bytes <-> 26 pkts/34170 bytes][Host: img.t.sinajs.cn][bytes ratio: -0.874 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 23.0/21.8 183/162 50.2/47.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.1/1314.2 550/1502 91.2/448.1][URL: img.t.sinajs.cn/t6/style/images/growth/login/sprite_login.png?13434210384389][StatusCode: 200][ContentType: image/png][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/images/growth/log)] - 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Host: img.t.sinajs.cn][bytes ratio: -0.800 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 71.8/74.7 375/438 115.7/123.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 110.6/1046.1 525/1502 126.8/556.9][URL: img.t.sinajs.cn/t6/skin/default/skin.css?version=201605130537][StatusCode: 200][ContentType: text/css][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/skin/default/skin.css)] - 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Host: img.t.sinajs.cn][bytes ratio: -0.850 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 32.1/37.9 252/181 64.0/50.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93.4/1216.5 539/1502 108.1/525.5][URL: img.t.sinajs.cn/t6/style/images/common/font/wbficon.woff?id=201605111746][StatusCode: 200][ContentType: application/x-font-woff][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/images/common/fon)] - 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Host: img.t.sinajs.cn][bytes ratio: -0.598 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 45.4/41.5 163/160 63.4/68.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 135.1/625.8 530/1502 161.3/505.1][URL: img.t.sinajs.cn/t6/style/images/global_nav/WB_logo_b.png][StatusCode: 200][ContentType: image/png][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/images/global)] - 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes][bytes ratio: 0.197 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 76/2 266.5/14.2 1385/29 502.8/13.3][Pkt Len c2s/s2c min/avg/max/stddev: 67/74 162.6/145.5 406/433 122.4/129.3] - 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes][bytes ratio: -0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 171.2/228.0 626/662 263.7/307.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/85 192.6/245.2 353/660 93.4/241.0] - 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Host: weibo.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/347 175.8/347.5 353/348 174.3/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 147.2/215.8 500/689 176.6/273.3][URL: weibo.com/login.php?lang=en-us][StatusCode: 301][ContentType: text/html][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /login.php)] - 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Host: js.t.sinajs.cn][URL: js.t.sinajs.cn/t5/register/js/v6/pl/base.js?version=201605130537][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (KGET /t)] - 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Host: u1.img.mobile.sina.cn][URL: u1.img.mobile.sina.cn/public/files/image/620x300_img5653d57c6dab2.png][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /public/files/image/620)] - 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][3 pkts/382 bytes <-> 1 pkts/66 bytes][TLSv1][Client: g.alicdn.com][JA3C: 58e7f64db6e4fe4941dd9691d421196c][PLAIN TEXT (g.alicdn.com)] - 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/75 bytes <-> 1 pkts/191 bytes][Host: img.t.sinajs.cn] - 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/190 bytes][Host: js.t.sinajs.cn] - 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Host: g.alicdn.com][PLAIN TEXT (alicdn)] - 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Host: login.taobao.com][PLAIN TEXT (taobao)] - 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Host: u1.img.mobile.sina.cn][PLAIN TEXT (mobile)] - 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Host: acjstb.aliyun.com][PLAIN TEXT (alibabadns)] - 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Host: www.weibo.com] - 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes] - 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 23 TCP 192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes] - 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/112 bytes][Host: log.mmstat.com][PLAIN TEXT (mmstat)] - 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/85 bytes][Host: weibo.com] - 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes] - 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com][PLAIN TEXT (account)] - 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes] - 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com] - 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn] + 1 TCP 192.168.1.105:35803 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][52 pkts/5367 bytes <-> 54 pkts/71536 bytes][Goodput ratio: 32.8/95.0][1.44 sec][Host: img.t.sinajs.cn][bytes ratio: -0.860 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29.0/29.3 400/372 66.4/64.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103.2/1324.7 533/4374 116.5/822.8][URL: img.t.sinajs.cn/t6/style/css/module/base/frame.css?version=201605130537][StatusCode: 200][ContentType: text/css][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/css/module/base/f)] + 2 TCP 192.168.1.105:35804 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][32 pkts/3624 bytes <-> 40 pkts/50657 bytes][Goodput ratio: 37.8/94.8][1.33 sec][Host: img.t.sinajs.cn][bytes ratio: -0.866 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 47.7/38.7 314/338 88.7/81.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113.2/1266.4 549/2938 132.2/620.2][URL: img.t.sinajs.cn/t6/style/css/module/combination/comb_login.css?version=201605130537][StatusCode: 200][ContentType: text/css][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/css/module/combin)] + 3 TCP 192.168.1.105:51698 <-> 93.188.134.137:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][40 pkts/3462 bytes <-> 39 pkts/34030 bytes][Goodput ratio: 13.0/92.4][0.82 sec][Host: www.weibo.com][bytes ratio: -0.815 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24.9/22.7 482/454 83.8/80.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 86.6/872.6 516/2938 69.2/915.2][URL: www.weibo.com/login.php?lang=en-us][StatusCode: 200][ContentType: text/html][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /login.php)] + 4 TCP 192.168.1.105:35807 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][27 pkts/2298 bytes <-> 26 pkts/34170 bytes][Goodput ratio: 21.1/95.0][0.53 sec][Host: img.t.sinajs.cn][bytes ratio: -0.874 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 23.0/21.8 183/162 50.2/47.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.1/1314.2 550/1502 91.2/448.1][URL: img.t.sinajs.cn/t6/style/images/growth/login/sprite_login.png?13434210384389][StatusCode: 200][ContentType: image/png][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/images/growth/log)] + 5 TCP 192.168.1.105:35805 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][21 pkts/2323 bytes <-> 20 pkts/20922 bytes][Goodput ratio: 37.4/93.6][1.37 sec][Host: img.t.sinajs.cn][bytes ratio: -0.800 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 71.8/74.7 375/438 115.7/123.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 110.6/1046.1 525/1502 126.8/556.9][URL: img.t.sinajs.cn/t6/skin/default/skin.css?version=201605130537][StatusCode: 200][ContentType: text/css][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/skin/default/skin.css)] + 6 TCP 192.168.1.105:35809 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][18 pkts/1681 bytes <-> 17 pkts/20680 bytes][Goodput ratio: 28.1/94.5][0.56 sec][Host: img.t.sinajs.cn][bytes ratio: -0.850 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 32.1/37.9 252/181 64.0/50.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93.4/1216.5 539/1502 108.1/525.5][URL: img.t.sinajs.cn/t6/style/images/common/font/wbficon.woff?id=201605111746][StatusCode: 200][ContentType: application/x-font-woff][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/images/common/fon)] + 7 TCP 192.168.1.105:35806 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][7 pkts/946 bytes <-> 6 pkts/3755 bytes][Goodput ratio: 49.0/89.2][0.23 sec][Host: img.t.sinajs.cn][bytes ratio: -0.598 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 45.4/41.5 163/160 63.4/68.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 135.1/625.8 530/1502 161.3/505.1][URL: img.t.sinajs.cn/t6/style/images/global_nav/WB_logo_b.png][StatusCode: 200][ContentType: image/png][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /t6/style/images/global)] + 8 UDP 192.168.1.105:53656 <-> 216.58.210.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][8 pkts/1301 bytes <-> 6 pkts/873 bytes][Goodput ratio: 74.1/71.1][1.60 sec][bytes ratio: 0.197 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 76/2 266.5/14.2 1385/29 502.8/13.3][Pkt Len c2s/s2c min/avg/max/stddev: 67/74 162.6/145.5 406/433 122.4/129.3] + 9 UDP 216.58.210.14:443 <-> 192.168.1.105:49361 [proto: 188.126/QUIC.Google][cat: Web/5][5 pkts/963 bytes <-> 4 pkts/981 bytes][Goodput ratio: 78.1/82.8][0.69 sec][bytes ratio: -0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 171.2/228.0 626/662 263.7/307.0][Pkt Len c2s/s2c min/avg/max/stddev: 77/85 192.6/245.2 353/660 93.4/241.0] + 10 TCP 192.168.1.105:59119 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][5 pkts/736 bytes <-> 4 pkts/863 bytes][Goodput ratio: 60.5/73.5][1.05 sec][Host: weibo.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/347 175.8/347.5 353/348 174.3/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 147.2/215.8 500/689 176.6/273.3][URL: weibo.com/login.php?lang=en-us][StatusCode: 301][ContentType: text/html][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /login.php)] + 11 TCP 192.168.1.105:35811 <-> 93.188.134.246:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/604 bytes <-> 2 pkts/140 bytes][Goodput ratio: 65.8/0.0][0.46 sec][Host: js.t.sinajs.cn][URL: js.t.sinajs.cn/t5/register/js/v6/pl/base.js?version=201605130537][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (KGET /t)] + 12 TCP 192.168.1.105:42275 <-> 222.73.28.96:80 [proto: 7.200/HTTP.Sina(Weibo)][cat: SocialNetwork/6][3 pkts/610 bytes <-> 1 pkts/66 bytes][Goodput ratio: 70.0/0.0][0.38 sec][Host: u1.img.mobile.sina.cn][URL: u1.img.mobile.sina.cn/public/files/image/620x300_img5653d57c6dab2.png][StatusCode: 0][ContentType: ][UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36][PLAIN TEXT (GET /public/files/image/620)] + 13 TCP 192.168.1.105:50827 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][3 pkts/382 bytes <-> 1 pkts/66 bytes][Goodput ratio: 52.2/0.0][0.16 sec][TLSv1][Client: g.alicdn.com][JA3C: 58e7f64db6e4fe4941dd9691d421196c][PLAIN TEXT (g.alicdn.com)] + 14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/75 bytes <-> 1 pkts/191 bytes][Goodput ratio: 43.4/77.6][0.11 sec][Host: img.t.sinajs.cn] + 15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes <-> 1 pkts/190 bytes][Goodput ratio: 42.7/77.5][0.54 sec][Host: js.t.sinajs.cn] + 16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Goodput ratio: 41.1/75.0][0.19 sec][Host: g.alicdn.com][PLAIN TEXT (alicdn)] + 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Goodput ratio: 44.2/74.3][0.47 sec][Host: login.taobao.com][PLAIN TEXT (taobao)] + 18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Goodput ratio: 47.6/73.1][0.11 sec][Host: u1.img.mobile.sina.cn][PLAIN TEXT (mobile)] + 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Goodput ratio: 44.9/72.8][0.47 sec][Host: acjstb.aliyun.com][PLAIN TEXT (alibabadns)] + 20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Goodput ratio: 41.9/69.9][0.06 sec][Host: www.weibo.com] + 21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0.0/0.0][0.06 sec] + 22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/TLS][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.22 sec] + 23 TCP 192.168.1.105:59120 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.36 sec] + 24 TCP 192.168.1.105:59121 <-> 114.134.80.162:80 [proto: 7/HTTP][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.34 sec] + 25 UDP 192.168.1.105:53466 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/112 bytes][Goodput ratio: 42.7/61.9][0.20 sec][Host: log.mmstat.com][PLAIN TEXT (mmstat)] + 26 UDP 192.168.1.105:54988 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/85 bytes][Goodput ratio: 38.6/50.0][0.08 sec][Host: weibo.com] + 27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.02 sec] + 28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.05 sec] + 29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.03 sec] + 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.14 sec] + 31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.04 sec] + 32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.05 sec] + 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 44.9/0.0][< 1 sec][Host: account.weibo.com][PLAIN TEXT (account)] + 34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0.0/0.0][< 1 sec] + 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 42.7/0.0][< 1 sec][Host: data.weibo.com] + 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec][Host: c.weibo.cn] diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out index b8cd336d3..2da823c1b 100644 --- a/tests/result/whatsapp_login_call.pcap.out +++ b/tests/result/whatsapp_login_call.pcap.out @@ -15,60 +15,60 @@ JA3 Host Stats: 1 192.168.2.4 1 - 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes][bytes ratio: 0.021 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 40.5/33.0 198/347 51.1/47.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/64 145.3/93.1 525/488 100.0/64.5][PLAIN TEXT (zTdFPOk)] - 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 47.8/124.4 307/539 62.9/96.2][Pkt Len c2s/s2c min/avg/max/stddev: 65/68 124.3/226.1 484/552 75.0/128.5] - 3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat/9][100 pkts/14711 bytes <-> 80 pkts/10163 bytes][bytes ratio: 0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1384.9/1865.5 28162/28146 4416.3/5104.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 147.1/127.0 1506/754 238.5/99.0][PLAIN TEXT (iPhone)] - 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][bytes ratio: 0.281 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 121.7/107.9 1665/1391 339.6/319.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 405.9/275.5 1494/1002 488.5/347.9][TLSv1.2][Client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/TLS.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][bytes ratio: -0.112 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1908.9/36.8 30435/294 7133.2/81.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 364.0/563.3 1494/1494 552.5/634.4][TLSv1.2][Client: query.ess.apple.com][JA3C: 799135475da362592a4be9199d258726][Server: *.ess.apple.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Organization: Apple Inc.][Certificate SHA-1: BD:E0:62:C3:F2:9D:09:5D:52:D4:AA:60:11:1B:36:1B:03:24:F1:9B][Validity: 2014-03-08 01:53:04 - 2029-03-08 01:53:04][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][bytes ratio: 0.271 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 35.8/42.0 225/228 76.0/80.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 362.7/235.9 1494/1002 464.1/321.5][TLSv1.2][Client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] - 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 53/0 12859.6/12856.5 101116/101113 33358.6/33358.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430.2/108.5 1506/300 466.8/82.6][PLAIN TEXT (yfV.nY)] - 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][12 pkts/2341 bytes <-> 12 pkts/2484 bytes][bytes ratio: -0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2192.2/2121.8 18656/18299 5822.2/5720.0][Pkt Len c2s/s2c min/avg/max/stddev: 64/68 195.1/207.0 331/358 97.6/107.5] - 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1255/0 6659.6/0.0 9061/0 2879.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342.0/0.0 342/0 0.0/0.0][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] - 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][9 pkts/1842 bytes <-> 11 pkts/1151 bytes][bytes ratio: 0.231 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1922.9/792.0 6986/6468 2906.0/2008.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/64 204.7/104.6 331/128 81.8/22.8] - 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/53 104.7/100.3 275/162 108.0/46.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 125.6/108.5 236/151 68.4/42.5] - 13 UDP 192.168.2.4:51518 -> 1.194.90.191:60312 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][15 pkts/1290 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 614/0 631.8/0.0 667/0 13.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/0 86.0/0.0 86/0 0.0/0.0] - 14 UDP 192.168.2.4:52794 -> 1.194.90.191:51727 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][12 pkts/1032 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 625/0 631.1/0.0 644/0 5.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/0 86.0/0.0 86/0 0.0/0.0] - 15 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 4794.7/0.0 42598/0 13366.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70.0/0.0 70/0 0.0/0.0] - 16 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 17 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 18 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 19 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 20 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 21 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 22 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 23 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 24 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 25 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][PLAIN TEXT (ay.OF@)] - 26 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 27 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 28 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 29 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 30 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/TLS][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes] - 31 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes] - 32 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com][PLAIN TEXT (akadns)] - 33 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e13.whatsapp.net][PLAIN TEXT (whatsapp)] - 34 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][3 pkts/258 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] - 35 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] - 36 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes] - 37 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] - 38 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes] - 39 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 40 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 41 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 42 TCP 192.168.2.4:49203 <-> 17.178.104.14:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes] - 43 TCP 192.168.2.4:49163 <-> 17.154.66.111:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 44 TCP 192.168.2.4:49164 <-> 17.167.142.31:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 45 TCP 192.168.2.4:49165 <-> 17.172.100.55:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 46 TCP 192.168.2.4:49166 <-> 17.154.66.121:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 47 TCP 192.168.2.4:49167 <-> 17.172.100.8:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 48 TCP 192.168.2.4:49169 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 49 TCP 192.168.2.4:49175 <-> 17.172.100.53:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 50 TCP 192.168.2.4:49176 <-> 17.130.137.77:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 51 TCP 192.168.2.4:49180 <-> 17.172.100.59:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 52 TCP 192.168.2.4:49181 <-> 17.172.100.37:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 53 TCP 192.168.2.4:49182 <-> 17.172.100.52:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 54 TCP 192.168.2.4:49191 <-> 17.172.100.49:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 55 TCP 192.168.2.4:49197 <-> 17.167.142.39:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 56 TCP 192.168.2.4:49198 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] - 57 TCP 192.168.2.4:49200 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes] + 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes][Goodput ratio: 71.1/54.9][9.73 sec][bytes ratio: 0.021 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 40.5/33.0 198/347 51.1/47.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/64 145.3/93.1 525/488 100.0/64.5][PLAIN TEXT (zTdFPOk)] + 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes][Goodput ratio: 66.2/81.4][7.74 sec][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 47.8/124.4 307/539 62.9/96.2][Pkt Len c2s/s2c min/avg/max/stddev: 65/68 124.3/226.1 484/552 75.0/128.5] + 3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat/9][100 pkts/14711 bytes <-> 80 pkts/10163 bytes][Goodput ratio: 55.1/48.0][134.29 sec][bytes ratio: 0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1384.9/1865.5 28162/28146 4416.3/5104.8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 147.1/127.0 1506/754 238.5/99.0][PLAIN TEXT (iPhone)] + 4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][Goodput ratio: 86.5/80.2][34.28 sec][bytes ratio: 0.281 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 121.7/107.9 1665/1391 339.6/319.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 405.9/275.5 1494/1002 488.5/347.9][TLSv1.2][Client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/TLS.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][Goodput ratio: 84.8/90.3][32.84 sec][bytes ratio: -0.112 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1908.9/36.8 30435/294 7133.2/81.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 364.0/563.3 1494/1494 552.5/634.4][TLSv1.2][Client: query.ess.apple.com][JA3C: 799135475da362592a4be9199d258726][Server: *.ess.apple.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Organization: Apple Inc.][Certificate SHA-1: BD:E0:62:C3:F2:9D:09:5D:52:D4:AA:60:11:1B:36:1B:03:24:F1:9B][Validity: 2014-03-08 01:53:04 - 2029-03-08 01:53:04][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 6 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][17 pkts/6166 bytes <-> 15 pkts/3539 bytes][Goodput ratio: 84.7/76.8][0.94 sec][bytes ratio: 0.271 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 35.8/42.0 225/228 76.0/80.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 362.7/235.9 1494/1002 464.1/321.5][TLSv1.2][Client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5] + 7 TCP 192.168.2.4:49193 <-> 17.110.229.14:5223 [proto: 238/ApplePush][cat: Cloud/13][11 pkts/4732 bytes <-> 11 pkts/1194 bytes][Goodput ratio: 84.6/39.2][125.45 sec][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 53/0 12859.6/12856.5 101116/101113 33358.6/33358.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430.2/108.5 1506/300 466.8/82.6][PLAIN TEXT (yfV.nY)] + 8 UDP 192.168.2.4:51518 <-> 31.13.93.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][12 pkts/2341 bytes <-> 12 pkts/2484 bytes][Goodput ratio: 78.4/79.7][29.18 sec][bytes ratio: -0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2192.2/2121.8 18656/18299 5822.2/5720.0][Pkt Len c2s/s2c min/avg/max/stddev: 64/68 195.1/207.0 331/358 97.6/107.5] + 9 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][10 pkts/3420 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.7/0.0][59.94 sec][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1255/0 6659.6/0.0 9061/0 2879.9/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342.0/0.0 342/0 0.0/0.0][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] + 10 UDP 192.168.2.4:52794 <-> 31.13.84.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][9 pkts/1842 bytes <-> 11 pkts/1151 bytes][Goodput ratio: 79.4/59.8][14.33 sec][bytes ratio: 0.231 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1922.9/792.0 6986/6468 2906.0/2008.5][Pkt Len c2s/s2c min/avg/max/stddev: 68/64 204.7/104.6 331/128 81.8/22.8] + 11 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/2176 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][90.14 sec][PLAIN TEXT ( 3375359593)] + 12 TCP 192.168.2.4:49199 <-> 17.172.100.70:993 [proto: 51.140/IMAPS.Apple][cat: Web/5][9 pkts/1130 bytes <-> 8 pkts/868 bytes][Goodput ratio: 47.4/39.1][0.94 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/53 104.7/100.3 275/162 108.0/46.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 125.6/108.5 236/151 68.4/42.5] + 13 UDP 192.168.2.4:51518 -> 1.194.90.191:60312 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][15 pkts/1290 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.1/0.0][8.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 614/0 631.8/0.0 667/0 13.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/0 86.0/0.0 86/0 0.0/0.0] + 14 UDP 192.168.2.4:52794 -> 1.194.90.191:51727 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][12 pkts/1032 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.1/0.0][6.95 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 625/0 631.1/0.0 644/0 5.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/0 86.0/0.0 86/0 0.0/0.0] + 15 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.9/0.0][43.15 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 4794.7/0.0 42598/0 13366.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70.0/0.0 70/0 0.0/0.0] + 16 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 17 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 18 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 19 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 20 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 21 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 22 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][29.18 sec] + 23 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec] + 24 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec] + 25 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec][PLAIN TEXT (ay.OF@)] + 26 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec] + 27 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec] + 28 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec] + 29 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][14.33 sec] + 30 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/TLS][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes][Goodput ratio: 0.0/39.0][0.03 sec] + 31 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes][Goodput ratio: 0.0/0.0][0.20 sec] + 32 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Goodput ratio: 46.3/82.9][0.07 sec][Host: query.ess.apple.com][PLAIN TEXT (akadns)] + 33 UDP 192.168.2.4:52190 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Goodput ratio: 44.2/79.0][0.03 sec][Host: e13.whatsapp.net][PLAIN TEXT (whatsapp)] + 34 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.0/0.0][77.07 sec][PLAIN TEXT (SpotUdp)] + 35 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.7/0.0][0.24 sec] + 36 UDP [fe80::da30:62ff:fe56:1c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.7/0.0][0.24 sec] + 37 UDP 169.254.166.207:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes][Goodput ratio: 61.2/0.0][0.24 sec] + 38 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/218 bytes -> 0 pkts/0 bytes][Goodput ratio: 61.2/0.0][0.24 sec] + 39 TCP 192.168.2.4:49173 <-> 93.186.135.82:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.03 sec] + 40 TCP 192.168.2.4:49174 <-> 5.178.42.26:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.03 sec] + 41 TCP 192.168.2.4:49194 <-> 93.62.150.157:443 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.06 sec] + 42 TCP 192.168.2.4:49203 <-> 17.178.104.14:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0.0/0.0][0.28 sec] + 43 TCP 192.168.2.4:49163 <-> 17.154.66.111:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.30 sec] + 44 TCP 192.168.2.4:49164 <-> 17.167.142.31:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.17 sec] + 45 TCP 192.168.2.4:49165 <-> 17.172.100.55:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.21 sec] + 46 TCP 192.168.2.4:49166 <-> 17.154.66.121:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.30 sec] + 47 TCP 192.168.2.4:49167 <-> 17.172.100.8:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.16 sec] + 48 TCP 192.168.2.4:49169 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.21 sec] + 49 TCP 192.168.2.4:49175 <-> 17.172.100.53:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.22 sec] + 50 TCP 192.168.2.4:49176 <-> 17.130.137.77:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.05 sec] + 51 TCP 192.168.2.4:49180 <-> 17.172.100.59:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.28 sec] + 52 TCP 192.168.2.4:49181 <-> 17.172.100.37:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.28 sec] + 53 TCP 192.168.2.4:49182 <-> 17.172.100.52:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.16 sec] + 54 TCP 192.168.2.4:49191 <-> 17.172.100.49:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.17 sec] + 55 TCP 192.168.2.4:49197 <-> 17.167.142.39:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.26 sec] + 56 TCP 192.168.2.4:49198 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.26 sec] + 57 TCP 192.168.2.4:49200 <-> 17.167.142.13:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0.0/0.0][0.28 sec] diff --git a/tests/result/whatsapp_login_chat.pcap.out b/tests/result/whatsapp_login_chat.pcap.out index 48c4c95fa..6d642ec2b 100644 --- a/tests/result/whatsapp_login_chat.pcap.out +++ b/tests/result/whatsapp_login_chat.pcap.out @@ -6,12 +6,12 @@ WhatsApp 32 3243 2 Spotify 1 86 1 ApplePush 6 2095 1 - 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes][bytes ratio: 0.415 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 179.5/27.0 2803/212 622.4/56.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 629.9/312.7 1494/1002 544.4/369.6][PLAIN TEXT (BjmkLnl)] - 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/10 1370.8/2065.9 10513/10479 2987.9/3556.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.5/89.9 267/144 67.5/22.2][PLAIN TEXT (iPhone)] - 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 659/0 4000.2/0.0 10199/0 3475.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 220/0 349.2/0.0 375/0 57.8/0.0] - 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1983/0 5058.0/0.0 8569/0 2765.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342.0/0.0 342/0 0.0/0.0][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] - 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 3375359593)] - 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Host: e12.whatsapp.net][PLAIN TEXT (whatsapp)] - 7 UDP [fe80::189c:c31b:1298:224]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/111 bytes -> 0 pkts/0 bytes][PLAIN TEXT (airplay)] - 8 UDP 192.168.2.4:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][PLAIN TEXT (airplay)] - 9 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][1 pkts/86 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] + 1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes][Goodput ratio: 91.4/82.7][3.89 sec][bytes ratio: 0.415 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 179.5/27.0 2803/212 622.4/56.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 629.9/312.7 1494/1002 544.4/369.6][PLAIN TEXT (BjmkLnl)] + 2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes][Goodput ratio: 36.8/25.9][19.72 sec][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/10 1370.8/2065.9 10513/10479 2987.9/3556.1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105.5/89.9 267/144 67.5/22.2][PLAIN TEXT (iPhone)] + 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 238/ApplePush][cat: Cloud/13][6 pkts/2095 bytes -> 0 pkts/0 bytes][Goodput ratio: 81.1/0.0][20.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 659/0 4000.2/0.0 10199/0 3475.6/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 220/0 349.2/0.0 375/0 57.8/0.0] + 4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Goodput ratio: 87.7/0.0][25.29 sec][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1983/0 5058.0/0.0 8569/0 2765.5/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342.0/0.0 342/0 0.0/0.0][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46] + 5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][Goodput ratio: 92.2/0.0][30.04 sec][PLAIN TEXT ( 3375359593)] + 6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/204 bytes][Goodput ratio: 44.2/79.0][0.03 sec][Host: e12.whatsapp.net][PLAIN TEXT (whatsapp)] + 7 UDP [fe80::189c:c31b:1298:224]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/111 bytes -> 0 pkts/0 bytes][Goodput ratio: 43.8/0.0][< 1 sec][PLAIN TEXT (airplay)] + 8 UDP 192.168.2.4:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 53.3/0.0][< 1 sec][PLAIN TEXT (airplay)] + 9 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.6/0.0][< 1 sec][PLAIN TEXT (SpotUdp)] diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out index 0f3ef72bf..dfe3d9087 100644 --- a/tests/result/whatsapp_voice_and_message.pcap.out +++ b/tests/result/whatsapp_voice_and_message.pcap.out @@ -1,16 +1,16 @@ WhatsAppCall 44 5916 8 WhatsApp 217 22139 5 - 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes][bytes ratio: -0.095 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1857.9/1709.0 28667/28718 5782.9/5581.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84.6/95.9 299/559 55.4/94.3][PLAIN TEXT (Android)] - 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes][bytes ratio: 0.214 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 680.6/812.4 10696/10748 2366.1/2569.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 126.2/89.1 590/469 124.1/91.7][PLAIN TEXT (Android)] - 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes][bytes ratio: 0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 717.0/767.1 8044/4043 2210.4/1535.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 179.3/134.6 590/1022 202.7/240.7][PLAIN TEXT (Android)] - 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes][bytes ratio: 0.002 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 495.5/397.2 6149/6160 1350.6/1325.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 88.9/88.5 299/308 58.4/60.8][PLAIN TEXT (Android)] - 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes][bytes ratio: 0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 96.3/113.5 318/331 104.1/95.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 80.2/84.4 231/286 43.9/62.4][PLAIN TEXT (Android)] - 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes][bytes ratio: 0.419 (Upload)][IAT c2s/s2c min/avg/max/stddev: 208/189 15170.2/209.7 60006/241 25885.9/22.5][Pkt Len c2s/s2c min/avg/max/stddev: 168/86 168.0/86.0 168/86 0.0/0.0] - 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] - 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes] + 1 TCP 10.8.0.1:42241 <-> 173.192.222.189:5222 [proto: 142/WhatsApp][cat: Chat/9][30 pkts/2539 bytes <-> 32 pkts/3070 bytes][Goodput ratio: 35.4/43.7][47.83 sec][bytes ratio: -0.095 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1857.9/1709.0 28667/28718 5782.9/5581.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84.6/95.9 299/559 55.4/94.3][PLAIN TEXT (Android)] + 2 TCP 10.8.0.1:35480 <-> 184.173.179.46:443 [proto: 142/WhatsApp][cat: Chat/9][24 pkts/3029 bytes <-> 22 pkts/1961 bytes][Goodput ratio: 56.5/39.4][13.49 sec][bytes ratio: 0.214 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 680.6/812.4 10696/10748 2366.1/2569.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 126.2/89.1 590/469 124.1/91.7][PLAIN TEXT (Android)] + 3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes][Goodput ratio: 69.1/59.9][8.61 sec][bytes ratio: 0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 717.0/767.1 8044/4043 2210.4/1535.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 179.3/134.6 590/1022 202.7/240.7][PLAIN TEXT (Android)] + 4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes][Goodput ratio: 38.4/38.9][10.07 sec][bytes ratio: 0.002 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 495.5/397.2 6149/6160 1350.6/1325.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 88.9/88.5 299/308 58.4/60.8][PLAIN TEXT (Android)] + 5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes][Goodput ratio: 30.9/36.0][1.34 sec][bytes ratio: 0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 96.3/113.5 318/331 104.1/95.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 80.2/84.4 231/286 43.9/62.4][PLAIN TEXT (Android)] + 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes][Goodput ratio: 74.9/51.0][60.68 sec][bytes ratio: 0.419 (Upload)][IAT c2s/s2c min/avg/max/stddev: 208/189 15170.2/209.7 60006/241 25885.9/22.5][Pkt Len c2s/s2c min/avg/max/stddev: 168/86 168.0/86.0 168/86 0.0/0.0] + 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][58.83 sec] + 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][58.25 sec] + 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][60.17 sec] + 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][57.91 sec] + 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][60.29 sec] + 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][59.22 sec] + 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 78.45/STUN.WhatsAppCall][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][Goodput ratio: 74.9/50.9][59.74 sec] diff --git a/tests/result/whatsappfiles.pcap.out b/tests/result/whatsappfiles.pcap.out index 1be8a6f18..31562abea 100644 --- a/tests/result/whatsappfiles.pcap.out +++ b/tests/result/whatsappfiles.pcap.out @@ -5,5 +5,5 @@ JA3 Host Stats: 1 192.168.2.29 2 - 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes][bytes ratio: -0.920 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 61.6/47.4 5775/5834 571.5/481.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75.0/1333.7 583/1464 51.0/391.7][TLSv1.2][Client: mmg-fna.whatsapp.net][JA3C: 4e1a414c4f4c99097edd2a9a98e336c8][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] - 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes][bytes ratio: 0.846 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 322.0/659.4 24639/64743 2277.8/6018.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 1175.1/105.6 1464/1464 540.1/167.3][TLSv1.2][Client: mmg-fna.whatsapp.net][JA3C: 107144b88827da5da9ed42d8776ccdc5][Server: *.whatsapp.net][JA3S: 2d1eb5817ece335c24904f516ad5da12][Organization: Facebook, Inc.][Certificate SHA-1: 10:54:EB:4A:A2:2A:42:2F:A6:1C:E7:9C:F4:84:10:7E:30:2E:56:BB][Validity: 2017-04-26 00:00:00 - 2018-05-01 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 1 TCP 192.168.2.29:49698 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][132 pkts/9906 bytes <-> 178 pkts/237405 bytes][Goodput ratio: 11.8/95.0][7.27 sec][bytes ratio: -0.920 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 61.6/47.4 5775/5834 571.5/481.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75.0/1333.7 583/1464 51.0/391.7][TLSv1.2][Client: mmg-fna.whatsapp.net][JA3C: 4e1a414c4f4c99097edd2a9a98e336c8][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] + 2 TCP 192.168.2.29:49674 <-> 185.60.216.53:443 [proto: 91.242/TLS.WhatsAppFiles][cat: Download-FileTransfer-FileSharing/7][161 pkts/189194 bytes <-> 149 pkts/15728 bytes][Goodput ratio: 94.4/31.7][110.02 sec][bytes ratio: 0.846 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 322.0/659.4 24639/64743 2277.8/6018.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 1175.1/105.6 1464/1464 540.1/167.3][TLSv1.2][Client: mmg-fna.whatsapp.net][JA3C: 107144b88827da5da9ed42d8776ccdc5][Server: *.whatsapp.net][JA3S: 2d1eb5817ece335c24904f516ad5da12][Organization: Facebook, Inc.][Certificate SHA-1: 10:54:EB:4A:A2:2A:42:2F:A6:1C:E7:9C:F4:84:10:7E:30:2E:56:BB][Validity: 2017-04-26 00:00:00 - 2018-05-01 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/wireguard.pcap.out b/tests/result/wireguard.pcap.out index f47fbf3cd..2d139a252 100644 --- a/tests/result/wireguard.pcap.out +++ b/tests/result/wireguard.pcap.out @@ -1,3 +1,3 @@ WireGuard 2399 734182 1 - 1 UDP 139.162.192.157:51820 <-> 192.168.0.14:36116 [proto: 206/WireGuard][cat: VPN/2][1362 pkts/518526 bytes <-> 1037 pkts/215656 bytes][bytes ratio: 0.413 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 268.5/313.9 10882/13538 1111.4/1203.7][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 380.7/208.0 1404/1404 361.7/134.8][PLAIN TEXT (RJxM17)] + 1 UDP 139.162.192.157:51820 <-> 192.168.0.14:36116 [proto: 206/WireGuard][cat: VPN/2][1362 pkts/518526 bytes <-> 1037 pkts/215656 bytes][Goodput ratio: 89.0/79.8][381.21 sec][bytes ratio: 0.413 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 268.5/313.9 10882/13538 1111.4/1203.7][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 380.7/208.0 1404/1404 361.7/134.8][PLAIN TEXT (RJxM17)] diff --git a/tests/result/youtube_quic.pcap.out b/tests/result/youtube_quic.pcap.out index f52911cf0..26d05e004 100644 --- a/tests/result/youtube_quic.pcap.out +++ b/tests/result/youtube_quic.pcap.out @@ -1,6 +1,6 @@ YouTube 258 178495 1 Google 31 13144 2 - 1 UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Host: yt3.ggpht.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8.6/5.2 70/69 14.6/11.6][Pkt Len c2s/s2c min/avg/max/stddev: 77/73 142.6/1119.9 1392/1392 176.1/437.4][PLAIN TEXT (yt3.ggpht.com)] - 2 UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Host: googleads.g.doubleclick.net][bytes ratio: -0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 36.1/37.3 114/158 47.9/51.9][Pkt Len c2s/s2c min/avg/max/stddev: 80/69 436.6/526.2 1392/1392 523.6/546.1][PLAIN TEXT (googleads.g.doubleclick.net)] - 3 UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Host: pagead2.googlesyndication.com][bytes ratio: 0.032 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/8 40.2/17.2 89/44 35.1/16.6][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 330.3/361.2 1392/1392 449.0/478.5][PLAIN TEXT (pagead2.googlesyndication.com)] + 1 UDP 192.168.1.7:56074 <-> 216.58.198.33:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][113 pkts/16111 bytes <-> 145 pkts/162384 bytes][Goodput ratio: 70.5/96.2][3.12 sec][Host: yt3.ggpht.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8.6/5.2 70/69 14.6/11.6][Pkt Len c2s/s2c min/avg/max/stddev: 77/73 142.6/1119.9 1392/1392 176.1/437.4][PLAIN TEXT (yt3.ggpht.com)] + 2 UDP 192.168.1.7:53859 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][9 pkts/3929 bytes <-> 9 pkts/4736 bytes][Goodput ratio: 90.4/92.0][0.44 sec][Host: googleads.g.doubleclick.net][bytes ratio: -0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 36.1/37.3 114/158 47.9/51.9][Pkt Len c2s/s2c min/avg/max/stddev: 80/69 436.6/526.2 1392/1392 523.6/546.1][PLAIN TEXT (googleads.g.doubleclick.net)] + 3 UDP 192.168.1.7:54997 <-> 216.58.205.66:443 [proto: 188.126/QUIC.Google][cat: Web/5][7 pkts/2312 bytes <-> 6 pkts/2167 bytes][Goodput ratio: 87.2/88.3][0.56 sec][Host: pagead2.googlesyndication.com][bytes ratio: 0.032 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/8 40.2/17.2 89/44 35.1/16.6][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 330.3/361.2 1392/1392 449.0/478.5][PLAIN TEXT (pagead2.googlesyndication.com)] diff --git a/tests/result/youtubeupload.pcap.out b/tests/result/youtubeupload.pcap.out index 7533d6e12..ce4a75468 100644 --- a/tests/result/youtubeupload.pcap.out +++ b/tests/result/youtubeupload.pcap.out @@ -5,6 +5,6 @@ JA3 Host Stats: 1 192.168.2.27 1 - 1 UDP 192.168.2.27:51925 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][80 pkts/100473 bytes <-> 20 pkts/6003 bytes][Host: upload.youtube.com][bytes ratio: 0.887 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.0/249.2 1825/1883 216.5/551.3][Pkt Len c2s/s2c min/avg/max/stddev: 77/58 1255.9/300.1 1392/1392 385.3/473.5][PLAIN TEXT (upload.youtube.comQ)] - 2 UDP 192.168.2.27:62232 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][13 pkts/8651 bytes <-> 11 pkts/6463 bytes][Host: upload.youtube.com][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1666.9/2090.5 14942/15097 4450.3/4940.9][Pkt Len c2s/s2c min/avg/max/stddev: 65/60 665.5/587.5 1392/1392 633.6/618.0][PLAIN TEXT (upload.youtube.comQ)] - 3 TCP 192.168.2.27:57452 <-> 172.217.23.111:443 [proto: 91.136/TLS.YouTubeUpload][cat: Media/1][6 pkts/649 bytes <-> 7 pkts/4799 bytes][bytes ratio: -0.762 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.5/11.8 57/39 23.4/15.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108.2/685.6 256/1484 73.1/634.0][TLSv1.2][Client: upload.youtube.com][JA3C: bc6c386f480ee97b9d9e52d472b772d8][Server: upload.video.google.com][JA3S: b26c652e0a402a24b5ca2a660e84f9d5][Organization: Google Inc][Certificate SHA-1: EE:3E:32:FB:B1:2E:82:EE:DF:FF:C0:1B:27:CD:BF:D8:8A:CB:BD:63][Validity: 2017-11-01 13:50:15 - 2018-01-24 13:31:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 1 UDP 192.168.2.27:51925 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][80 pkts/100473 bytes <-> 20 pkts/6003 bytes][Goodput ratio: 96.7/86.0][3.49 sec][Host: upload.youtube.com][bytes ratio: 0.887 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33.0/249.2 1825/1883 216.5/551.3][Pkt Len c2s/s2c min/avg/max/stddev: 77/58 1255.9/300.1 1392/1392 385.3/473.5][PLAIN TEXT (upload.youtube.comQ)] + 2 UDP 192.168.2.27:62232 <-> 172.217.23.111:443 [proto: 188.136/QUIC.YouTubeUpload][cat: Media/1][13 pkts/8651 bytes <-> 11 pkts/6463 bytes][Goodput ratio: 93.7/92.8][16.89 sec][Host: upload.youtube.com][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1666.9/2090.5 14942/15097 4450.3/4940.9][Pkt Len c2s/s2c min/avg/max/stddev: 65/60 665.5/587.5 1392/1392 633.6/618.0][PLAIN TEXT (upload.youtube.comQ)] + 3 TCP 192.168.2.27:57452 <-> 172.217.23.111:443 [proto: 91.136/TLS.YouTubeUpload][cat: Media/1][6 pkts/649 bytes <-> 7 pkts/4799 bytes][Goodput ratio: 45.4/91.9][0.12 sec][bytes ratio: -0.762 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21.5/11.8 57/39 23.4/15.2][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108.2/685.6 256/1484 73.1/634.0][TLSv1.2][Client: upload.youtube.com][JA3C: bc6c386f480ee97b9d9e52d472b772d8][Server: upload.video.google.com][JA3S: b26c652e0a402a24b5ca2a660e84f9d5][Organization: Google Inc][Certificate SHA-1: EE:3E:32:FB:B1:2E:82:EE:DF:FF:C0:1B:27:CD:BF:D8:8A:CB:BD:63][Validity: 2017-11-01 13:50:15 - 2018-01-24 13:31:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] diff --git a/tests/result/zabbix.pcap.out b/tests/result/zabbix.pcap.out index a91ebe491..e24605e6c 100644 --- a/tests/result/zabbix.pcap.out +++ b/tests/result/zabbix.pcap.out @@ -1,3 +1,3 @@ Zabbix 10 715 1 - 1 TCP 192.168.67.98:57162 <-> 192.168.67.25:10050 [proto: 248/Zabbix][cat: Network/14][5 pkts/361 bytes <-> 5 pkts/354 bytes][bytes ratio: 0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 1.2/1.7 4/4 1.6/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 72.2/70.8 89/82 9.0/6.4] + 1 TCP 192.168.67.98:57162 <-> 192.168.67.25:10050 [proto: 248/Zabbix][cat: Network/14][5 pkts/361 bytes <-> 5 pkts/354 bytes][Goodput ratio: 6.4/4.5][0.01 sec][bytes ratio: 0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 1.2/1.7 4/4 1.6/1.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 72.2/70.8 89/82 9.0/6.4] diff --git a/tests/result/zcash.pcap.out b/tests/result/zcash.pcap.out index c2feb1e95..8fd892dd4 100644 --- a/tests/result/zcash.pcap.out +++ b/tests/result/zcash.pcap.out @@ -1,3 +1,3 @@ Mining 145 20644 1 - 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes][bytes ratio: 0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15953.2/19140.6 60205/60205 20620.7/20751.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142.0/142.9 326/369 91.4/88.4][PLAIN TEXT (method)] + 1 TCP 192.168.2.92:55190 <-> 178.32.196.217:9050 [proto: 42/Mining][cat: Mining/99][83 pkts/11785 bytes <-> 62 pkts/8859 bytes][Goodput ratio: 53.4/53.3][1154.54 sec][bytes ratio: 0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15953.2/19140.6 60205/60205 20620.7/20751.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142.0/142.9 326/369 91.4/88.4][PLAIN TEXT (method)] diff --git a/tests/result/zoom.pcap.out b/tests/result/zoom.pcap.out index 0d577f08d..df91995f4 100644 --- a/tests/result/zoom.pcap.out +++ b/tests/result/zoom.pcap.out @@ -16,36 +16,36 @@ JA3 Host Stats: 1 192.168.1.117 4 - 1 UDP 192.168.1.117:58327 <-> 109.94.160.99:8801 [proto: 189/Zoom][cat: Video/26][10 pkts/7806 bytes <-> 175 pkts/184434 bytes][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 13.8/7.8 32/35 10.6/4.6][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 780.6/1053.9 1071/1071 444.1/129.4][PLAIN TEXT (replace)] - 2 TCP 192.168.1.117:54871 <-> 109.94.160.99:443 [proto: 91.189/TLS.Zoom][cat: Video/26][127 pkts/54118 bytes <-> 83 pkts/17526 bytes][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 16.9/9.2 950/156 93.0/23.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 426.1/211.2 1506/1506 458.2/363.6][TLSv1.2][Client: zoomfrn99mmr.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 3 TCP 192.168.1.117:54866 <-> 52.202.62.236:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/3097 bytes <-> 17 pkts/18622 bytes][bytes ratio: -0.715 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32.5/27.5 114/143 46.8/50.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 193.6/1095.4 864/1506 265.3/617.8][TLSv1.2][Client: www3.zoom.us][JA3C: 535aca3d99fc247509cd50933cd71d37][Server: *.zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 4 TCP 192.168.1.117:54865 <-> 52.202.62.196:443 [proto: 91.189/TLS.Zoom][cat: Video/26][15 pkts/2448 bytes <-> 15 pkts/16505 bytes][bytes ratio: -0.742 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.2/21.7 112/136 46.2/45.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 163.2/1100.3 687/1506 200.1/622.5][TLSv1.2][Client: zoom.us][JA3C: 535aca3d99fc247509cd50933cd71d37][Server: *.zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 5 TCP 192.168.1.117:54868 <-> 213.19.144.104:443 [proto: 91.189/TLS.Zoom][cat: Video/26][17 pkts/2534 bytes <-> 13 pkts/7180 bytes][bytes ratio: -0.478 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.9/41.1 87/168 27.5/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 149.1/552.3 642/1506 174.8/611.7][TLSv1.2][Client: zoomam104zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 6 TCP 192.168.1.117:54869 <-> 213.244.140.85:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/2480 bytes <-> 13 pkts/7182 bytes][bytes ratio: -0.487 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.3/40.9 202/224 51.8/71.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 155.0/552.5 642/1506 178.5/611.7][TLSv1.2][Client: zoomfr85zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 7 TCP 192.168.1.117:54867 <-> 213.19.144.105:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/2468 bytes <-> 13 pkts/7188 bytes][bytes ratio: -0.489 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.2/42.6 147/178 40.5/63.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 154.2/552.9 642/1506 178.9/611.6][TLSv1.2][Client: zoomam105zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 8 TCP 192.168.1.117:54870 <-> 213.244.140.84:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/1832 bytes <-> 12 pkts/6702 bytes][bytes ratio: -0.571 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.9/40.2 187/280 49.0/91.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 114.5/558.5 583/1506 129.0/636.0][TLSv1.2][Client: zoomfr84zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 9 TCP 192.168.1.117:54864 <-> 52.202.62.238:443 [proto: 91.189/TLS.Zoom][cat: Video/26][10 pkts/2030 bytes <-> 8 pkts/6283 bytes][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 58.5/40.3 110/131 49.6/57.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 203.0/785.4 812/1506 256.3/675.1][TLSv1.2][Client: log.zoom.us][JA3C: 535aca3d99fc247509cd50933cd71d37][Server: *.zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] - 10 TCP 192.168.1.117:53872 <-> 35.186.224.53:443 [proto: 91.126/TLS.Google][cat: Web/5][8 pkts/2017 bytes <-> 8 pkts/4822 bytes][bytes ratio: -0.410 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9.7/9.5 58/45 21.6/16.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 252.1/602.8 1434/1484 447.5/585.4] - 11 TCP 192.168.1.117:54863 <-> 167.99.215.164:4434 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/2198 bytes <-> 10 pkts/2067 bytes][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 644.8/739.7 5003/5003 1647.5/1740.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 219.8/206.7 932/1292 283.1/364.2][TLSv1.2][Client: dati.ntop.org][JA3C: a795593605a13211941d44505b4d1e39][JA3S: dd4b012f7a008e741554bd0a4ed12920][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] - 12 TCP 192.168.1.117:54854 -> 172.217.21.72:443 [proto: 91.126/TLS.Google][cat: Web/5][4 pkts/1060 bytes -> 0 pkts/0 bytes][TLSv1][Client: www.googletagmanager.com][JA3C: d78489b860c8bf7838a6ff0b4d131541] - 13 TCP 192.168.1.117:53867 <-> 104.199.65.42:80 [proto: 7.126/HTTP.Google][cat: Web/5][4 pkts/710 bytes <-> 2 pkts/242 bytes][bytes ratio: 0.492 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30/64 31.0/64.0 32/64 0.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/121 177.5/121.0 329/121 115.0/0.0] - 14 UDP 192.168.1.117:61731 <-> 109.94.160.99:8801 [proto: 189/Zoom][cat: Video/26][4 pkts/372 bytes <-> 4 pkts/290 bytes][bytes ratio: 0.124 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/35 28.0/27.3 49/47 18.5/19.9][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 93.0/72.5 151/93 39.9/13.7][PLAIN TEXT (replace)] - 15 UDP 192.168.1.117:60620 <-> 109.94.160.99:8801 [proto: 189/Zoom][cat: Video/26][4 pkts/408 bytes <-> 3 pkts/222 bytes][bytes ratio: 0.295 (Upload)][IAT c2s/s2c min/avg/max/stddev: 7/31 413.3/15.5 1209/31 562.7/15.5][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 102.0/74.0 149/85 33.3/10.4][PLAIN TEXT (replace)] - 16 UDP 192.168.1.117:23903 <-> 162.255.37.14:3478 [proto: 78.189/STUN.Zoom][cat: Video/26][3 pkts/258 bytes <-> 3 pkts/222 bytes][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/9 10.0/9.0 10/9 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/74 86.0/74.0 86/74 0.0/0.0] - 17 UDP 192.168.1.117:23903 <-> 162.255.38.14:3478 [proto: 78.189/STUN.Zoom][cat: Video/26][3 pkts/258 bytes <-> 3 pkts/222 bytes][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/9 10.0/9.5 10/10 0.0/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 86/74 86.0/74.0 86/74 0.0/0.0] - 18 UDP 192.168.1.117:23903 <-> 162.255.38.14:3479 [proto: 78.189/STUN.Zoom][cat: Video/26][3 pkts/258 bytes <-> 3 pkts/222 bytes][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/9 10.0/9.5 10/10 0.0/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 86/74 86.0/74.0 86/74 0.0/0.0] - 19 UDP 192.168.1.117:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/330 bytes -> 0 pkts/0 bytes][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)] - 20 UDP 192.168.0.1:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/321 bytes -> 0 pkts/0 bytes][Host: tl-sg116e][DHCP Fingerprint: 1,3] - 21 TCP 192.168.1.117:54341 -> 62.149.152.153:993 [proto: 51/IMAPS][cat: Email/3][2 pkts/226 bytes -> 0 pkts/0 bytes] - 22 UDP 192.168.1.117:65394 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Host: local][PLAIN TEXT (servers)] - 23 UDP 192.168.1.117:51185 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/96 bytes][Host: zoomfrn99mmr.zoom.us][PLAIN TEXT (zoomfrn)] - 24 UDP 192.168.1.117:58063 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/78 bytes <-> 1 pkts/94 bytes][Host: zoomfr84zc.zoom.us][PLAIN TEXT (zoomfr84z)] - 25 UDP 192.168.1.117:62563 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/78 bytes <-> 1 pkts/94 bytes][Host: zoomfr85zc.zoom.us][PLAIN TEXT (zoomfr85z)] - 26 UDP 192.168.1.117:57025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )] - 27 UDP 192.168.1.117:62988 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/72 bytes <-> 1 pkts/88 bytes][Host: www3.zoom.us] - 28 UDP 192.168.1.117:64352 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/71 bytes <-> 1 pkts/87 bytes][Host: log.zoom.us] - 29 ICMP 192.168.1.117:0 -> 162.255.38.14:0 [proto: 81/ICMP][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes] - 30 TCP 192.168.1.117:54798 <-> 13.225.84.182:443 [proto: 91/TLS][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/60 bytes] - 31 UDP 192.168.1.117:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][PLAIN TEXT (spotify)] - 32 UDP 192.168.1.117:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][1 pkts/86 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)] - 33 ICMP 192.168.1.117:0 -> 192.168.1.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes] + 1 UDP 192.168.1.117:58327 <-> 109.94.160.99:8801 [proto: 189/Zoom][cat: Video/26][10 pkts/7806 bytes <-> 175 pkts/184434 bytes][Goodput ratio: 94.6/96.0][1.44 sec][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 13.8/7.8 32/35 10.6/4.6][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 780.6/1053.9 1071/1071 444.1/129.4][PLAIN TEXT (replace)] + 2 TCP 192.168.1.117:54871 <-> 109.94.160.99:443 [proto: 91.189/TLS.Zoom][cat: Video/26][127 pkts/54118 bytes <-> 83 pkts/17526 bytes][Goodput ratio: 84.5/68.6][2.00 sec][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 16.9/9.2 950/156 93.0/23.6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 426.1/211.2 1506/1506 458.2/363.6][TLSv1.2][Client: zoomfrn99mmr.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 3 TCP 192.168.1.117:54866 <-> 52.202.62.236:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/3097 bytes <-> 17 pkts/18622 bytes][Goodput ratio: 71.3/94.9][0.61 sec][bytes ratio: -0.715 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32.5/27.5 114/143 46.8/50.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 193.6/1095.4 864/1506 265.3/617.8][TLSv1.2][Client: www3.zoom.us][JA3C: 535aca3d99fc247509cd50933cd71d37][Server: *.zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 4 TCP 192.168.1.117:54865 <-> 52.202.62.196:443 [proto: 91.189/TLS.Zoom][cat: Video/26][15 pkts/2448 bytes <-> 15 pkts/16505 bytes][Goodput ratio: 65.9/94.9][0.50 sec][bytes ratio: -0.742 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31.2/21.7 112/136 46.2/45.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 163.2/1100.3 687/1506 200.1/622.5][TLSv1.2][Client: zoom.us][JA3C: 535aca3d99fc247509cd50933cd71d37][Server: *.zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 5 TCP 192.168.1.117:54868 <-> 213.19.144.104:443 [proto: 91.189/TLS.Zoom][cat: Video/26][17 pkts/2534 bytes <-> 13 pkts/7180 bytes][Goodput ratio: 56.2/88.0][0.41 sec][bytes ratio: -0.478 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.9/41.1 87/168 27.5/61.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 149.1/552.3 642/1506 174.8/611.7][TLSv1.2][Client: zoomam104zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 6 TCP 192.168.1.117:54869 <-> 213.244.140.85:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/2480 bytes <-> 13 pkts/7182 bytes][Goodput ratio: 57.4/88.0][0.39 sec][bytes ratio: -0.487 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.3/40.9 202/224 51.8/71.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 155.0/552.5 642/1506 178.5/611.7][TLSv1.2][Client: zoomfr85zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 7 TCP 192.168.1.117:54867 <-> 213.19.144.105:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/2468 bytes <-> 13 pkts/7188 bytes][Goodput ratio: 57.7/88.0][0.42 sec][bytes ratio: -0.489 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30.2/42.6 147/178 40.5/63.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 154.2/552.9 642/1506 178.9/611.6][TLSv1.2][Client: zoomam105zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 8 TCP 192.168.1.117:54870 <-> 213.244.140.84:443 [proto: 91.189/TLS.Zoom][cat: Video/26][16 pkts/1832 bytes <-> 12 pkts/6702 bytes][Goodput ratio: 44.3/88.1][0.38 sec][bytes ratio: -0.571 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27.9/40.2 187/280 49.0/91.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 114.5/558.5 583/1506 129.0/636.0][TLSv1.2][Client: zoomfr84zc.zoom.us][JA3C: c51de225944b7d58d48c0f99f86ba8e6][Server: *.zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 9 TCP 192.168.1.117:54864 <-> 52.202.62.238:443 [proto: 91.189/TLS.Zoom][cat: Video/26][10 pkts/2030 bytes <-> 8 pkts/6283 bytes][Goodput ratio: 72.2/92.8][0.47 sec][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 58.5/40.3 110/131 49.6/57.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 203.0/785.4 812/1506 256.3/675.1][TLSv1.2][Client: log.zoom.us][JA3C: 535aca3d99fc247509cd50933cd71d37][Server: *.zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] + 10 TCP 192.168.1.117:53872 <-> 35.186.224.53:443 [proto: 91.126/TLS.Google][cat: Web/5][8 pkts/2017 bytes <-> 8 pkts/4822 bytes][Goodput ratio: 73.8/89.0][0.07 sec][bytes ratio: -0.410 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9.7/9.5 58/45 21.6/16.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 252.1/602.8 1434/1484 447.5/585.4] + 11 TCP 192.168.1.117:54863 <-> 167.99.215.164:4434 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/2198 bytes <-> 10 pkts/2067 bytes][Goodput ratio: 69.4/67.6][5.26 sec][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 644.8/739.7 5003/5003 1647.5/1740.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 219.8/206.7 932/1292 283.1/364.2][TLSv1.2][Client: dati.ntop.org][JA3C: a795593605a13211941d44505b4d1e39][JA3S: dd4b012f7a008e741554bd0a4ed12920][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] + 12 TCP 192.168.1.117:54854 -> 172.217.21.72:443 [proto: 91.126/TLS.Google][cat: Web/5][4 pkts/1060 bytes -> 0 pkts/0 bytes][Goodput ratio: 75.0/0.0][6.46 sec][TLSv1][Client: www.googletagmanager.com][JA3C: d78489b860c8bf7838a6ff0b4d131541] + 13 TCP 192.168.1.117:53867 <-> 104.199.65.42:80 [proto: 7.126/HTTP.Google][cat: Web/5][4 pkts/710 bytes <-> 2 pkts/242 bytes][Goodput ratio: 62.7/45.3][0.09 sec][bytes ratio: 0.492 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30/64 31.0/64.0 32/64 0.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/121 177.5/121.0 329/121 115.0/0.0] + 14 UDP 192.168.1.117:61731 <-> 109.94.160.99:8801 [proto: 189/Zoom][cat: Video/26][4 pkts/372 bytes <-> 4 pkts/290 bytes][Goodput ratio: 54.7/39.2][0.11 sec][bytes ratio: 0.124 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/35 28.0/27.3 49/47 18.5/19.9][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 93.0/72.5 151/93 39.9/13.7][PLAIN TEXT (replace)] + 15 UDP 192.168.1.117:60620 <-> 109.94.160.99:8801 [proto: 189/Zoom][cat: Video/26][4 pkts/408 bytes <-> 3 pkts/222 bytes][Goodput ratio: 58.7/40.8][1.24 sec][bytes ratio: 0.295 (Upload)][IAT c2s/s2c min/avg/max/stddev: 7/31 413.3/15.5 1209/31 562.7/15.5][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 102.0/74.0 149/85 33.3/10.4][PLAIN TEXT (replace)] + 16 UDP 192.168.1.117:23903 <-> 162.255.37.14:3478 [proto: 78.189/STUN.Zoom][cat: Video/26][3 pkts/258 bytes <-> 3 pkts/222 bytes][Goodput ratio: 51.0/43.0][0.19 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/9 10.0/9.0 10/9 0.0/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 86/74 86.0/74.0 86/74 0.0/0.0] + 17 UDP 192.168.1.117:23903 <-> 162.255.38.14:3478 [proto: 78.189/STUN.Zoom][cat: Video/26][3 pkts/258 bytes <-> 3 pkts/222 bytes][Goodput ratio: 51.0/43.0][0.18 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/9 10.0/9.5 10/10 0.0/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 86/74 86.0/74.0 86/74 0.0/0.0] + 18 UDP 192.168.1.117:23903 <-> 162.255.38.14:3479 [proto: 78.189/STUN.Zoom][cat: Video/26][3 pkts/258 bytes <-> 3 pkts/222 bytes][Goodput ratio: 51.0/43.0][0.18 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/9 10.0/9.5 10/10 0.0/0.5][Pkt Len c2s/s2c min/avg/max/stddev: 86/74 86.0/74.0 86/74 0.0/0.0] + 19 UDP 192.168.1.117:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/330 bytes -> 0 pkts/0 bytes][Goodput ratio: 61.6/0.0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)] + 20 UDP 192.168.0.1:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/321 bytes -> 0 pkts/0 bytes][Goodput ratio: 86.6/0.0][< 1 sec][Host: tl-sg116e][DHCP Fingerprint: 1,3] + 21 TCP 192.168.1.117:54341 -> 62.149.152.153:993 [proto: 51/IMAPS][cat: Email/3][2 pkts/226 bytes -> 0 pkts/0 bytes][Goodput ratio: 41.4/0.0][3.59 sec] + 22 UDP 192.168.1.117:65394 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Goodput ratio: 34.8/69.5][0.04 sec][Host: local][PLAIN TEXT (servers)] + 23 UDP 192.168.1.117:51185 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/96 bytes][Goodput ratio: 46.9/55.7][0.04 sec][Host: zoomfrn99mmr.zoom.us][PLAIN TEXT (zoomfrn)] + 24 UDP 192.168.1.117:58063 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/78 bytes <-> 1 pkts/94 bytes][Goodput ratio: 45.6/54.7][0.03 sec][Host: zoomfr84zc.zoom.us][PLAIN TEXT (zoomfr84z)] + 25 UDP 192.168.1.117:62563 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/78 bytes <-> 1 pkts/94 bytes][Goodput ratio: 45.6/54.7][0.03 sec][Host: zoomfr85zc.zoom.us][PLAIN TEXT (zoomfr85z)] + 26 UDP 192.168.1.117:57025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 74.6/0.0][< 1 sec][PLAIN TEXT (SEARCH )] + 27 UDP 192.168.1.117:62988 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41.1/51.7][0.04 sec][Host: www3.zoom.us] + 28 UDP 192.168.1.117:64352 <-> 192.168.1.1:53 [proto: 5.189/DNS.Zoom][cat: Video/26][1 pkts/71 bytes <-> 1 pkts/87 bytes][Goodput ratio: 40.3/51.1][0.04 sec][Host: log.zoom.us] + 29 ICMP 192.168.1.117:0 -> 162.255.38.14:0 [proto: 81/ICMP][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.7/0.0][0.01 sec] + 30 TCP 192.168.1.117:54798 <-> 13.225.84.182:443 [proto: 91/TLS][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0.0/0.0][0.04 sec] + 31 UDP 192.168.1.117:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51.1/0.0][< 1 sec][PLAIN TEXT (spotify)] + 32 UDP 192.168.1.117:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 50.6/0.0][< 1 sec][PLAIN TEXT (SpotUdp)] + 33 ICMP 192.168.1.117:0 -> 192.168.1.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39.4/0.0][< 1 sec] |