1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
Guessed flow protos: 25
DPI Packets (TCP): 448 (7.59 pkts/flow)
DPI Packets (UDP): 70 (1.89 pkts/flow)
DPI Packets (other): 7 (1.00 pkts/flow)
Confidence Match by port : 24 (flows)
Confidence DPI : 78 (flows)
Confidence Match by IP : 1 (flows)
Num dissector calls: 331 (3.21 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/75/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/25/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 6/57/7 (insert/search/found)
Automa host: 95/51 (search/found)
Automa domain: 94/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 20/0 (search/found)
Automa common alpns: 56/56 (search/found)
Patricia risk mask: 76/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 1/0 (search/found)
Patricia risk IPv6: 8/0 (search/found)
Patricia protocols: 171/19 (search/found)
Patricia protocols IPv6: 16/0 (search/found)
DNS 13 1075 8
HTTP 70 4620 8
MDNS 116 10672 4
NTP 1 90 1
NetBIOS 9 828 1
SMBv1 3 751 1
DHCP 1 342 1
QQ 26 9402 2
IGMP 24 1280 4
TLS 305 89209 22
ICMPV6 4 328 3
Google 84 21868 8
LLMNR 12 944 6
WeChat 989 520787 32
GoogleDocs 15 5114 2
Safe 305 89209 22
Acceptable 349 47161 46
Fun 1015 530189 34
Dangerous 3 751 1
JA3 Host Stats:
IP Address # JA3C
1 192.168.1.103 3
1 TCP 203.205.151.162:443 <-> 192.168.1.103:54058 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 3][cat: Web/5][88 pkts/15114 bytes <-> 91 pkts/61842 bytes][Goodput ratio: 62/90][553.47 sec][bytes ratio: -0.607 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/11 6995/5837 150373/150695 18892/18424][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 172/680 264/1254 99/594][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.103:54101 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][46 pkts/12575 bytes <-> 40 pkts/53424 bytes][Goodput ratio: 76/95][15.73 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.619 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 403/151 10035/951 1616/288][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 273/1336 1306/4350 407/922][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,2,0,2,0,2,4,2,0,0,0,4,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,4,0,2,0,0,0,2,0,54,0,0,10]
3 TCP 192.168.1.103:54103 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][50 pkts/23958 bytes <-> 46 pkts/39684 bytes][Goodput ratio: 86/92][23.11 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.247 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 538/312 9999/7018 1833/1162][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 479/863 1306/4059 492/922][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,1,0,1,0,6,6,3,1,0,0,6,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,3,0,8,0,10,0,0,0,0,0,29,0,0,5]
4 TCP 192.168.1.103:54113 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][38 pkts/8933 bytes <-> 35 pkts/35112 bytes][Goodput ratio: 72/93][27.77 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.594 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 559/54 8107/380 1792/116][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235/1003 1306/1494 368/649][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,2,0,0,2,2,2,0,0,2,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,2,0,0,2,0,5,0,2,0,0,0,63,0,0,0]
5 TCP 192.168.1.103:54099 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][25 pkts/9013 bytes <-> 29 pkts/27440 bytes][Goodput ratio: 82/93][14.74 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.506 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/172 1085/1495 276/329][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 361/946 1306/1754 450/673][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,3,0,3,0,0,6,3,3,3,0,6,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,3,0,0,0,0,3,47,0,0,3]
6 TCP 192.168.1.103:54119 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][26 pkts/8129 bytes <-> 24 pkts/22836 bytes][Goodput ratio: 79/93][28.03 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1291/951 9696/8423 2840/2427][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 313/952 1306/2922 423/964][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,8,0,4,0,0,4,4,4,0,0,4,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,4,0,0,8,0,8,0,0,0,0,0,28,0,0,12]
7 TCP 192.168.1.103:58038 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][IP: 285/Tencent][Encrypted][Confidence: DPI][FPC: 197/WeChat, Confidence: DNS][DPI packets: 8][cat: Chat/9][34 pkts/17556 bytes <-> 25 pkts/12172 bytes][Goodput ratio: 87/86][38.16 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.181 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1114/1110 15327/15635 3311/3567][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 516/487 1306/1754 494/579][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,3,0,3,0,0,9,3,0,0,0,9,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,9,0,18,0,3,6,0,0,3,0,0,3]
8 TCP 192.168.1.103:54089 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][21 pkts/7826 bytes <-> 20 pkts/18761 bytes][Goodput ratio: 82/93][13.58 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 777/120 9999/394 2313/166][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 373/938 1306/5892 454/1304][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,4,0,4,0,4,4,4,4,0,0,4,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,4,0,4,0,9,0,0,0,0,0,33,0,0,4]
9 TCP 192.168.1.103:54095 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Chat/9][21 pkts/7825 bytes <-> 18 pkts/17898 bytes][Goodput ratio: 82/93][22.24 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1174/416 10039/3644 2412/985][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 373/994 1306/8291 454/1871][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,5,0,0,5,5,5,0,0,5,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,5,0,10,0,5,0,0,0,21,0,0,5]
10 TCP 192.168.1.103:58040 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][IP: 285/Tencent][Encrypted][Confidence: DPI][FPC: 285/Tencent, Confidence: IP address][DPI packets: 8][cat: Chat/9][29 pkts/17545 bytes <-> 20 pkts/6923 bytes][Goodput ratio: 89/81][31.02 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1265/1401 15319/15624 3541/3988][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 605/346 1494/1494 586/472][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,3,3,3,0,0,0,11,7,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,11,0,7,0,0,0,0,0,27,0,0,0]
11 TCP 192.168.1.103:54097 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][25 pkts/12063 bytes <-> 19 pkts/7932 bytes][Goodput ratio: 86/84][47.29 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.207 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1388/1930 15313/15715 3511/4240][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 483/417 1306/1754 480/530][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,4,0,4,0,0,0,17,0,0,0,0,0,0,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,13,0,13,0,0,0,0,0,4,0,0,4]
12 TCP 192.168.1.103:54094 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][22 pkts/10193 bytes <-> 18 pkts/8262 bytes][Goodput ratio: 86/86][22.50 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.105 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1165/786 10037/4544 2455/1496][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 463/459 1306/1754 478/579][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,4,0,4,0,4,4,9,0,0,0,4,0,0,15,4,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,9,0,15,0,0,0,0,0,9,0,0,4]
13 TCP 192.168.1.103:54102 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Chat/9][13 pkts/2317 bytes <-> 15 pkts/15724 bytes][Goodput ratio: 63/94][13.04 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.743 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1232/213 9996/1647 2944/472][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 178/1048 1153/3182 290/878][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,7,0,7,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,57,0,0,7]
14 TCP 192.168.1.103:54098 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Chat/9][22 pkts/8507 bytes <-> 16 pkts/6575 bytes][Goodput ratio: 83/84][47.03 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 2592/2688 15693/16086 4163/4916][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 387/411 1306/1754 452/551][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,5,0,0,0,18,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,11,0,0,0,0,0,5,0,0,5]
15 TCP 192.168.1.103:54117 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][20 pkts/8397 bytes <-> 16 pkts/6566 bytes][Goodput ratio: 84/84][25.19 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1503/1316 9999/7806 2987/2505][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 420/410 1306/1494 462/507][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,5,0,0,0,16,5,0,0,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,11,0,0,0,0,0,11,0,0,0]
16 TCP 192.168.1.103:58036 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][IP: 285/Tencent][Encrypted][Confidence: DPI][FPC: 197/WeChat, Confidence: DNS][DPI packets: 8][cat: Chat/9][15 pkts/6450 bytes <-> 11 pkts/5068 bytes][Goodput ratio: 85/86][11.52 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 931/134 9811/287 2681/130][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/461 1306/1494 463/553][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,7,0,7,0,0,0,14,7,0,0,0,0,0,14,7,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,14,0,0,0,0,0,14,0,0,0]
17 TCP 192.168.1.103:54092 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][15 pkts/6438 bytes <-> 11 pkts/5068 bytes][Goodput ratio: 84/86][11.77 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 947/155 9639/333 2626/154][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 429/461 1306/1494 463/553][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,7,0,7,0,0,0,14,7,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,14,0,0,0,0,0,14,0,0,0]
18 TCP 192.168.1.103:54100 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Chat/9][15 pkts/4627 bytes <-> 12 pkts/5905 bytes][Goodput ratio: 78/86][14.48 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1140/318 10004/1570 2698/530][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 308/492 1306/1798 406/692][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,9,0,9,0,0,9,9,0,0,0,9,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,9,0,0,0,0,0,9,0,0,18]
19 TCP 192.168.1.103:54111 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][14 pkts/4626 bytes <-> 12 pkts/5135 bytes][Goodput ratio: 80/84][22.95 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2021/1536 10879/11228 3976/3666][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 330/428 1306/1494 416/541][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,8,0,8,0,0,0,16,8,0,0,0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,8,0,8,0,0,0,0,0,16,0,0,0]
20 TCP 192.168.1.103:58042 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][IP: 285/Tencent][Encrypted][Confidence: DPI][FPC: 285/Tencent, Confidence: IP address][DPI packets: 8][cat: Chat/9][12 pkts/4516 bytes <-> 10 pkts/5004 bytes][Goodput ratio: 82/87][11.54 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.051 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 140/136 356/292 157/130][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 376/500 1306/1754 434/627][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,9,0,9,0,0,0,18,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,9,0,9,0,0,0,0,0,9,0,0,9]
21 TCP 192.168.1.103:43850 <-> 203.205.158.34:443 [proto: 91.48/TLS.QQ][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 48/QQ, Confidence: DNS][DPI packets: 8][cat: Chat/9][12 pkts/2005 bytes <-> 12 pkts/6787 bytes][Goodput ratio: 67/90][72.13 sec][Hostname/SNI: res.wx.qq.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.544 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7939/7944 44960/45306 14472/14557][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 167/566 571/3484 197/987][Risk: ** Weak TLS Cipher **** Malicious Fingerpint **][Risk Score: 150][Risk Info: 550dce18de1bb143e69d6dd9413b8355 / Cipher TLS_RSA_WITH_AES_256_GCM_SHA384][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: 550dce18de1bb143e69d6dd9413b8355][JA4: t12d1512h2_f0daf39aad75_1c0c7ba38891][ServerNames: wx1.qq.com,webpush.wx.qq.com,webpush1.weixin.qq.com,loginpoll.weixin.qq.com,login.wx.qq.com,file.wx2.qq.com,wx2.qq.com,login.wx2.qq.com,wxitil.qq.com,file.wx.qq.com,login.weixin.qq.com,webpush2.weixin.qq.com,webpush.wx2.qq.com,webpush.weixin.qq.com,web.weixin.qq.com,res.wx.qq.com,wx.qq.com][JA3S: 290adf098a54ade688d1df074dbecbf2 (WEAK)][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=CN, ST=Guangdong, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, OU=R&D, CN=wx.qq.com][Certificate SHA-1: 67:53:57:7F:22:BB:D0:A6:D4:5F:A6:D4:B3:0A:13:73:29:23:D0:C9][Validity: 2016-05-10 00:00:00 - 2018-08-09 23:59:59][Cipher: TLS_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 12,0,0,0,0,0,0,0,12,12,0,0,0,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,12]
22 TCP 192.168.1.103:38657 <-> 172.217.22.14:443 [proto: 91.126/TLS.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: DNS][DPI packets: 10][cat: Web/5][17 pkts/2413 bytes <-> 17 pkts/6268 bytes][Goodput ratio: 53/82][135.40 sec][Hostname/SNI: safebrowsing.googleusercontent.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.444 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6942/6942 45055/45055 16249/16250][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/369 895/1484 196/525][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: d551fafc4f40f1dec2bb45980bfa9492][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: d551fafc4f40f1dec2bb45980bfa9492][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: *.googleusercontent.com,*.apps.googleusercontent.com,*.appspot.com.storage.googleapis.com,*.blogspot.com,*.bp.blogspot.com,*.commondatastorage.googleapis.com,*.content-storage-download.googleapis.com,*.content-storage-upload.googleapis.com,*.content-storage.googleapis.com,*.doubleclickusercontent.com,*.ggpht.com,*.googledrive.com,*.googlesyndication.com,*.googleweblight.com,*.safenup.googleusercontent.com,*.sandbox.googleusercontent.com,*.storage-download.googleapis.com,*.storage-upload.googleapis.com,*.storage.googleapis.com,*.storage.select.googleapis.com,blogspot.com,bp.blogspot.com,commondatastorage.googleapis.com,doubleclickusercontent.com,ggpht.com,googledrive.com,googleusercontent.com,googleweblight.com,static.panoramio.com.storage.googleapis.com,storage.googleapis.com,storage.select.googleapis.com,unfiltered.news][JA3S: d655f7cd00e93ea8969c3c6e06f0156f][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.googleusercontent.com][Certificate SHA-1: 8B:36:AF:31:A2:4C:EE:50:CC:6F:34:F7:2C:A3:C5:B6:4B:02:AC:53][Validity: 2017-04-05 17:14:46 - 2017-06-28 16:57:00][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 12,38,6,0,0,0,6,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,12,0,0,0]
23 UDP 192.168.1.103:51507 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 188.126/QUIC.Google, Confidence: DPI][DPI packets: 1][cat: Web/5][7 pkts/3507 bytes <-> 6 pkts/3329 bytes][Goodput ratio: 92/92][0.18 sec][Hostname/SNI: ssl.gstatic.com][bytes ratio: 0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 27/2 76/4 27/1][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 501/555 1392/1392 574/599][User-Agent: Chrome/57.0.2987.133 Linux x86_64][QUIC ver: Q035][PLAIN TEXT (ssl.gstatic.com)][Plen Bins: 23,30,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0,0,0,0]
24 UDP 192.168.1.103:57591 <-> 216.58.198.46:443 [proto: 188.241/QUIC.GoogleDocs][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 188.241/QUIC.GoogleDocs, Confidence: DPI][DPI packets: 1][cat: Collaborative/15][6 pkts/2687 bytes <-> 7 pkts/2125 bytes][Goodput ratio: 91/86][1.33 sec][Hostname/SNI: docs.google.com][bytes ratio: 0.117 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/248 55/1178 23/465][Pkt Len c2s/s2c min/avg/max/stddev: 77/70 448/304 1392/1392 532/455][User-Agent: Chrome/57.0.2987.133 Linux x86_64][QUIC ver: Q035][PLAIN TEXT (docs.google.comr)][Plen Bins: 30,39,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,0]
25 TCP 192.168.1.103:54120 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][Goodput ratio: 35/85][27.78 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.565 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 3428/1426 19999/5411 6454/2304][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/464 304/1754 77/673][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,20,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,20]
26 TCP 192.168.1.103:58041 <-> 203.205.147.171:443 [proto: 91.197/TLS.WeChat][IP: 285/Tencent][Encrypted][Confidence: DPI][FPC: 285/Tencent, Confidence: IP address][DPI packets: 10][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3711 bytes][Goodput ratio: 35/85][30.78 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.565 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 3813/2235 20004/5405 6348/2331][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/464 304/1754 77/673][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,20,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,20]
27 TCP 192.168.1.103:54118 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][10 pkts/1032 bytes <-> 8 pkts/3703 bytes][Goodput ratio: 35/86][24.98 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.564 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3076/848 20000/3092 6448/1207][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/463 304/1494 77/601][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,16,0,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0,0]
28 TCP 192.168.1.103:54090 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][Goodput ratio: 35/87][13.33 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1665/362 10763/1441 3453/623][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/520 304/1494 77/622][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,16,0,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0,0]
29 TCP 192.168.1.103:54096 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][Goodput ratio: 35/87][20.54 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2567/80 19243/317 6305/137][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/520 304/1494 77/622][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,16,0,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0,0]
30 TCP 192.168.1.103:54104 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][10 pkts/1032 bytes <-> 7 pkts/3637 bytes][Goodput ratio: 35/87][11.97 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1496/90 10477/358 3399/155][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/520 304/1494 77/622][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,16,0,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0,0]
31 TCP 192.168.1.103:54091 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Chat/9][9 pkts/966 bytes <-> 6 pkts/3571 bytes][Goodput ratio: 38/89][11.54 sec][Hostname/SNI: web.wechat.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1592/137 10023/410 3446/193][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 107/595 304/1754 80/732][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: e330bca99c8a5256ae126a55c4c725c5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][TLSv1.2][JA3C: e330bca99c8a5256ae126a55c4c725c5][JA4: t12d1511h2_f0daf39aad75_eb7c9aabf852][ServerNames: webpush1.wechat.com,webpush.wechat.com,login.web.wechat.com,webpush.web.wechat.com,webpush2.wechat.com,webpush.web2.wechat.com,file.web2.wechat.com,web1.wechat.com,file.web.wechat.com,loginpoll.wechat.com,web2.wechat.com,login.wechat.com,login.web2.wechat.com,res.wechat.com,web.wechat.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust SSL CA - G3][Subject: C=HK, ST=HongKong, L=Wan Chai, O=Tencent Mobility Limited, CN=web.wechat.com][Certificate SHA-1: 4F:3B:6A:87:0C:D2:34:09:C9:53:9F:6F:EE:7D:7B:9B:E9:D6:EF:C1][Validity: 2015-09-21 00:00:00 - 2018-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,20,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,20]
32 UDP [fe80::7a92:9cff:fe0f:a88e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 6][cat: Network/14][44 pkts/4488 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][3914.88 sec][Hostname/SNI: _googlecast._tcp.local][_googlecast._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6684/0 41917/0 11732/0][Pkt Len c2s/s2c min/avg/max/stddev: 102/0 102/0 102/0 0/0][PLAIN TEXT (googlecast)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.1.103:35601 <-> 172.217.23.67:443 [proto: 188.126/QUIC.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 188.126/QUIC.Google, Confidence: DPI][DPI packets: 1][cat: Web/5][5 pkts/2035 bytes <-> 5 pkts/1937 bytes][Goodput ratio: 90/89][0.12 sec][Hostname/SNI: ssl.gstatic.com][bytes ratio: 0.025 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 24/16 53/47 24/19][Pkt Len c2s/s2c min/avg/max/stddev: 80/72 407/387 1392/1392 508/512][User-Agent: Chrome/57.0.2987.133 Linux x86_64][QUIC ver: Q035][PLAIN TEXT (ssl.gstatic.com)][Plen Bins: 30,30,0,0,0,0,0,0,10,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0]
34 UDP 192.168.1.103:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 6][cat: Network/14][44 pkts/3608 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][3914.88 sec][Hostname/SNI: _googlecast._tcp.local][_googlecast._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6684/0 41917/0 11732/0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82/0 82/0 0/0][PLAIN TEXT (googlecast)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 192.168.1.103:54183 -> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][2 pkts/2508 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][17.47 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0]
36 UDP [fe80::91f9:3df3:7436:6cd6]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 6][cat: Network/14][14 pkts/1428 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][123.08 sec][Hostname/SNI: _googlecast._tcp.local][_googlecast._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4608/0 45060/0 12222/0][Pkt Len c2s/s2c min/avg/max/stddev: 102/0 102/0 102/0 0/0][PLAIN TEXT (googlecast)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 TCP 192.168.1.103:36017 <-> 64.233.167.188:5228 [proto: 126/Google][IP: 126/Google][Encrypted][Confidence: Match by IP][FPC: 126/Google, Confidence: IP address][DPI packets: 20][cat: Web/5][10 pkts/660 bytes <-> 10 pkts/660 bytes][Goodput ratio: 0/0][540.78 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 45051/45051 61959/61957 180207/180208 44694/44695][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/66 66/66 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 192.168.1.100:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 6][cat: Network/14][14 pkts/1148 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][123.08 sec][Hostname/SNI: _googlecast._tcp.local][_googlecast._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4608/0 45058/0 12221/0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 82/0 82/0 0/0][PLAIN TEXT (googlecast)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 TCP 192.168.1.103:58039 <-> 203.205.147.171:443 [proto: 91/TLS][IP: 285/Tencent][Encrypted][Confidence: Match by port][FPC: 197/WeChat, Confidence: DNS][DPI packets: 17][cat: Web/5][13 pkts/866 bytes <-> 4 pkts/280 bytes][Goodput ratio: 0/0][140.92 sec][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 272/45308 12755/45308 45020/45308 13611/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 67/70 74/74 2/4][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 TCP 192.168.1.103:58143 -> 216.58.205.131:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 3][cat: Web/5][3 pkts/1078 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][92.69 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 TCP 203.205.151.162:443 <-> 192.168.1.103:54084 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][3 pkts/802 bytes <-> 3 pkts/198 bytes][Goodput ratio: 75/0][16.21 sec][bytes ratio: 0.604 (Upload)][IAT c2s/s2c min/avg/max/stddev: 6562/9679 8102/9679 9642/9679 1540/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 267/66 670/66 285/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 192.168.1.100:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][9 pkts/828 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.44 sec][Hostname/SNI: lbjamwptxz][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 179/0 816/0 313/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( EMECEKEBENFHFAFEFIFKCACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 IGMP 192.168.1.100:0 -> 224.0.0.22:0 [proto: 82/IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][15 pkts/810 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3769.99 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 409/0 289920/0 3384346/0 895904/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 54/0 54/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 192.168.1.100:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][3 pkts/751 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][3600.00 sec][Hostname/SNI: giovanni-pc][PLAIN TEXT ( EHEJEPFGEBEOEOEJ)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 TCP 192.168.1.103:54112 <-> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][5 pkts/338 bytes <-> 4 pkts/280 bytes][Goodput ratio: 0/0][22.72 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 351/910 5597/910 20327/910 8509/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.1.103:54114 <-> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][5 pkts/338 bytes <-> 4 pkts/280 bytes][Goodput ratio: 0/0][55.41 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 312/33511 13774/33511 33196/33511 13762/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.1.103:19041 <-> 192.168.1.254:53 [proto: 5.48/DNS.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.48/DNS.QQ, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/73 bytes <-> 1 pkts/537 bytes][Goodput ratio: 42/92][0.03 sec][Hostname/SNI: res.wx.qq.com][203.205.158.34][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.1.103:34981 -> 95.101.34.33:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][100.37 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 259/0 12546/0 83360/0 26898/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.1.103:34996 -> 95.101.34.33:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][100.98 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 252/0 12622/0 82310/0 26534/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 192.168.1.103:34999 -> 95.101.34.33:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][104.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 13106/0 85920/0 27703/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 TCP 192.168.1.103:35000 -> 95.101.34.33:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][100.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 251/0 12574/0 82446/0 26589/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.1.103:39207 -> 95.101.34.34:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][104.22 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 239/0 13028/0 84664/0 27320/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 TCP 192.168.1.103:39231 -> 95.101.34.34:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][99.19 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 255/0 12398/0 82310/0 26558/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (PLTbOhOof)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.1.103:53220 <-> 172.217.23.78:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 8][cat: Web/5][4 pkts/264 bytes <-> 4 pkts/319 bytes][Goodput ratio: 0/17][14.77 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/39 4910/7364 14730/14688 6944/7324][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/80 66/121 0/24][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 TCP 192.168.1.103:54093 <-> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Web/5][5 pkts/338 bytes <-> 3 pkts/214 bytes][Goodput ratio: 0/0][11.84 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 325/0 2960/0 9935/0 4045/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/71 74/74 3/4][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.1.103:58037 <-> 203.205.147.171:443 [proto: 91/TLS][IP: 285/Tencent][Encrypted][Confidence: Match by port][FPC: 197/WeChat, Confidence: DNS][DPI packets: 8][cat: Web/5][5 pkts/338 bytes <-> 3 pkts/214 bytes][Goodput ratio: 0/0][11.56 sec][bytes ratio: 0.225 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 2890/0 9679/0 3944/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/71 74/74 3/4][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.1.103:39195 -> 95.101.34.34:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][90.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 232/0 12972/0 83248/0 28714/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 TCP 192.168.1.103:52020 -> 95.101.180.179:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Web/5][8 pkts/528 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][94.52 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 267/0 13502/0 85920/0 29594/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 TCP 192.168.1.103:43851 <-> 203.205.158.34:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 48/QQ, Confidence: DNS][DPI packets: 9][cat: Web/5][5 pkts/290 bytes <-> 4 pkts/234 bytes][Goodput ratio: 0/0][47.04 sec][bytes ratio: 0.107 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 301/1307 11760/23331 45054/45355 19226/22024][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 58/58 74/66 8/5][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 TCP 192.168.1.103:47627 <-> 216.58.205.78:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 7][cat: Web/5][3 pkts/198 bytes <-> 4 pkts/319 bytes][Goodput ratio: 0/17][14.77 sec][bytes ratio: -0.234 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/40 7363/7364 14726/14687 7363/7324][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/80 66/121 0/24][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 TCP 192.168.1.103:40740 <-> 203.205.151.211:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Web/5][4 pkts/216 bytes <-> 4 pkts/253 bytes][Goodput ratio: 0/12][20.65 sec][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/652 6763/10145 19992/19638 9355/9493][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 54/63 54/85 0/13][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 UDP 192.168.1.103:60356 <-> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.197/DNS.WeChat, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/391 bytes][Goodput ratio: 43/89][0.28 sec][Hostname/SNI: web.wechat.com][203.205.147.171][PLAIN TEXT (wechat)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 TCP 192.168.1.103:49787 <-> 216.58.205.142:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Web/5][3 pkts/198 bytes <-> 3 pkts/198 bytes][Goodput ratio: 0/0][90.15 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 45055/45054 45056/45055 45056/45056 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/66 66/66 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 TCP 192.168.1.103:58226 -> 203.205.147.171:443 [proto: 91/TLS][IP: 285/Tencent][Encrypted][Confidence: Match by port][FPC: 285/Tencent, Confidence: IP address][DPI packets: 6][cat: Web/5][6 pkts/396 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][92.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 607/0 18483/0 85584/0 33566/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 UDP 192.168.1.103:53734 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.126/DNS.Google, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/94 bytes <-> 1 pkts/272 bytes][Goodput ratio: 55/84][0.04 sec][Hostname/SNI: safebrowsing.googleusercontent.com][172.217.22.14][PLAIN TEXT (safebrowsing)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 TCP 192.168.1.103:58043 <-> 203.205.147.171:443 [proto: 91/TLS][IP: 285/Tencent][Encrypted][Confidence: Match by port][FPC: 285/Tencent, Confidence: IP address][DPI packets: 5][cat: Web/5][3 pkts/206 bytes <-> 2 pkts/148 bytes][Goodput ratio: 0/0][1.65 sec][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: iphonedimonica][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (iPhonediMonica)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 UDP 192.168.1.103:46078 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.126/DNS.Google, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/234 bytes][Goodput ratio: 43/82][0.04 sec][Hostname/SNI: ssl.gstatic.com][172.217.23.67][PLAIN TEXT (gstatic)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 UDP 192.168.1.103:60562 <-> 192.168.1.254:53 [proto: 5.126/DNS.Google][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.126/DNS.Google, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/234 bytes][Goodput ratio: 43/82][0.03 sec][Hostname/SNI: ssl.gstatic.com][172.217.23.67][PLAIN TEXT (gstatic)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP 192.168.1.103:55862 <-> 192.168.1.254:53 [proto: 5.241/DNS.GoogleDocs][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.241/DNS.GoogleDocs, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/227 bytes][Goodput ratio: 43/81][0.04 sec][Hostname/SNI: docs.google.com][216.58.198.46][PLAIN TEXT (google)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 IGMP 192.168.1.103:0 -> 224.0.0.22:0 [proto: 82/IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3756.16 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.36 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3763.44 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.33 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][0.01 sec][Hostname/SNI: lbjamwptxz][PLAIN TEXT (lbjamwptx)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.01 sec][Hostname/SNI: cansaqcq][PLAIN TEXT (cansaqcq)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.01 sec][Hostname/SNI: mcztmpkc][PLAIN TEXT (mcztmpkc)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.01 sec][Hostname/SNI: webpush.web.wechat.com.lan][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][Hostname/SNI: 1.debian.pool.ntp.org.lan][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (debian)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.197/DNS.WeChat, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][2.46 sec][Hostname/SNI: webpush.web.wechat.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.197/DNS.WeChat, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][5.01 sec][Hostname/SNI: webpush.web.wechat.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Hostname/SNI: 2.debian.pool.ntp.org][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (debian)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Hostname/SNI: 1.debian.pool.ntp.org][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (debian)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/158 bytes -> 0 pkts/0 bytes][Goodput ratio: 47/0][5.01 sec][Hostname/SNI: ssl.gstatic.com.lan][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (gstatic)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.01 sec][Hostname/SNI: lbjamwptxz][PLAIN TEXT (lbjamwptx)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.01 sec][Hostname/SNI: cansaqcq][PLAIN TEXT (cansaqcq)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.01 sec][Hostname/SNI: mcztmpkc][PLAIN TEXT (mcztmpkc)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][35.46 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.35 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.31 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
91 TCP 192.168.1.103:54205 -> 64.233.167.188:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][135.44 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 6/0][1.43 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 9/NTP, Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Hostname/SNI: webpush.web.wechat.com.lan][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Hostname/SNI: webpush.web.wechat.com.lan][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.197/DNS.WeChat, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Hostname/SNI: webpush.web.wechat.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.197/DNS.WeChat, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Hostname/SNI: webpush.web.wechat.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.197/DNS.WeChat, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Hostname/SNI: webpush.web.wechat.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (webpush)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/79 bytes -> 0 pkts/0 bytes][Goodput ratio: 46/0][< 1 sec][Hostname/SNI: ssl.gstatic.com.lan][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (gstatic)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.126/DNS.Google, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][Hostname/SNI: ssl.gstatic.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (gstatic)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|