1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
|
Guessed flow protos: 6
DPI Packets (TCP): 408 (4.16 pkts/flow)
DPI Packets (UDP): 120 (1.21 pkts/flow)
Confidence Unknown : 9 (flows)
Confidence Match by port : 6 (flows)
Confidence DPI : 182 (flows)
Num dissector calls: 4633 (23.52 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/45/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/8/0 (insert/search/found)
LRU cache mining: 0/15/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 6/37/13 (insert/search/found)
Automa host: 161/71 (search/found)
Automa domain: 156/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 16/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 174/0 (search/found)
Patricia risk mask IPv6: 6/0 (search/found)
Patricia risk: 3/0 (search/found)
Patricia risk IPv6: 25/0 (search/found)
Patricia protocols: 287/57 (search/found)
Patricia protocols IPv6: 50/0 (search/found)
Unknown 19 5564 9
HTTP 249 355379 34
MDNS 1 82 1
NTP 1 90 1
NetBIOS 26 2392 6
SSDP 143 36951 13
SMBv1 5 1197 2
DHCP 24 8208 5
QQ 33 6883 4
TLS 124 28754 9
DHCPV6 10 980 3
Google 30 54525 4
LLMNR 91 6931 48
GoogleServices 17 30330 1
MpegDash 1 299 1
1kxun 914 1969311 48
Line 30 19034 3
Mikrotik 5 864 5
Safe 124 28754 9
Acceptable 627 515766 124
Fun 948 1976493 53
Dangerous 5 1197 2
Unrated 19 5564 9
Payload Analysis
[....] [2E 2E 2E 2E] [len: 4][num_occurrencies: 437][flowId: 0 7 9 10 12 13 3 15 17 18 19 23 25 32 33 38 42 46 47 48 51 52 54 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 100 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146 159][packetIds: 1 2 11 14 15 17 18 19 20 21 29 30 32 35 36 39 40 41 42 43 44 48 49 52 53 54 55 56 59 69 70 71 84 85 198 199 387 388 472 473 474 507 539 547 554 555 563 564 583 589 591 592 594 595 597 598 602 642 643 645 646 648 651 654 657 658 662 665 666 667 669 670 671 672 673 682 684 686 687 688 690 691 696 703 706 730 731 733 734 738 740 743 755 756 761 773 774 775 777 778 780 781 787 788 798 799 800 801 803 814 820 822 827 828 829 830 831 835 836 858 859 901 902 903 904 930 931 932 941 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304 1383]
[.....] [2E 2E 2E 2E 2E] [len: 5][num_occurrencies: 287][flowId: 0 7 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146 159][packetIds: 1 2 11 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 669 670 671 672 673 682 684 686 687 688 690 691 696 703 706 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 941 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304 1383]
[HTTP] [48 54 54 50] [len: 4][num_occurrencies: 213][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 480 481 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[HTTP/] [48 54 54 50 2F] [len: 5][num_occurrencies: 213][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 480 481 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[HTTP/1] [48 54 54 50 2F 31] [len: 6][num_occurrencies: 213][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 480 481 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[HTTP/1.] [48 54 54 50 2F 31 2E] [len: 7][num_occurrencies: 213][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 480 481 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[HTTP/1.1] [48 54 54 50 2F 31 2E 31] [len: 8][num_occurrencies: 212][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 480 481 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TTP/] [54 54 50 2F] [len: 4][num_occurrencies: 211][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TTP/1] [54 54 50 2F 31] [len: 5][num_occurrencies: 211][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TTP/1.] [54 54 50 2F 31 2E] [len: 6][num_occurrencies: 211][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TP/1] [54 50 2F 31] [len: 4][num_occurrencies: 211][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TP/1.] [54 50 2F 31 2E] [len: 5][num_occurrencies: 211][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[P/1.] [50 2F 31 2E] [len: 4][num_occurrencies: 211][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 137 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1051 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TTP/1.1] [54 54 50 2F 31 2E 31] [len: 7][num_occurrencies: 210][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[TP/1.1] [54 50 2F 31 2E 31] [len: 6][num_occurrencies: 210][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[P/1.1] [50 2F 31 2E 31] [len: 5][num_occurrencies: 210][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[/1.1] [2F 31 2E 31] [len: 4][num_occurrencies: 210][flowId: 1 2 5 6 11 14 20 24 28 31 27 26 29 30 35 36 37 39 40 43 45 48 49 50 53 58 74 82 83 109 108 129 130 131 132 133 135 134 136 138 139 140 143 141 142 144 145 146 147 148 149 151 152 155 150 156 157 158 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 177 178 181 179 180 188 187 189 190 191 192 193 194 195 196][packetIds: 3 4 7 8 9 10 16 34 45 60 61 68 117 120 129 150 162 178 196 197 412 418 467 468 483 498 506 508 556 557 566 582 586 587 588 590 593 596 599 601 603 604 605 606 607 608 610 615 616 620 621 622 623 625 626 627 634 640 641 644 647 653 655 656 663 664 674 677 678 679 680 689 692 693 694 695 697 698 699 700 701 704 705 724 728 729 732 735 736 737 739 741 742 744 745 746 747 748 749 751 753 754 759 762 768 782 791 797 802 819 821 825 826 837 872 874 896 899 905 906 907 908 910 922 923 925 936 945 984 989 990 992 997 1002 1010 1014 1019 1029 1031 1034 1036 1038 1041 1042 1045 1046 1050 1053 1055 1058 1060 1066 1069 1070 1071 1076 1129 1149 1151 1154 1168 1169 1174 1177 1180 1182 1265 1301 1302 1303 1319 1320 1327 1354 1361 1365 1484 1509 1511 1512 1513 1514 1519 1524 1528 1568 1572 1573 1574 1576 1578 1580 1582 1588 1677 1678 1687 1688 1689 1690 1693 1697 1698 1702 1705 1706 1707 1711 1717 1723]
[......] [2E 2E 2E 2E 2E 2E] [len: 6][num_occurrencies: 159][flowId: 0 7 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146][packetIds: 1 2 11 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 669 670 671 672 673 682 684 686 687 688 690 691 696 703 706 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 941 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304]
[....] [2E 2E 2E 2E] [len: 4][num_occurrencies: 129][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 100 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146 159][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 814 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304 1383]
[.....] [2E 2E 2E 2E 2E] [len: 5][num_occurrencies: 128][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146 159][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304 1383]
[......] [2E 2E 2E 2E 2E 2E] [len: 6][num_occurrencies: 128][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146 159][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304 1383]
[....] [2E 2E 2E 2E] [len: 4][num_occurrencies: 127][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 100 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 814 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026]
[.....] [2E 2E 2E 2E 2E] [len: 5][num_occurrencies: 127][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 100 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 814 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026]
[.......] [2E 2E 2E 2E 2E 2E 2E] [len: 7][num_occurrencies: 127][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128 146][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026 1304]
[......] [2E 2E 2E 2E 2E 2E] [len: 6][num_occurrencies: 126][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026]
[.......] [2E 2E 2E 2E 2E 2E 2E] [len: 7][num_occurrencies: 126][flowId: 0 9 10 12 13 15 17 18 19 23 25 32 33 38 42 46 47 51 52 61 62 63 66 67 68 71 72 75 77 79 80 81 84 89 90 91 94 95 96 97 98 99 101 102 103 107 110 111 113 114 117 119 120 121 122 123 124 125 126 127 128][packetIds: 1 2 14 15 17 18 19 20 29 30 35 36 39 40 41 42 43 44 48 49 52 53 54 55 69 70 84 85 198 199 387 388 472 473 507 539 554 555 563 564 591 592 594 595 642 643 645 646 648 651 654 657 658 662 665 666 667 670 671 672 673 682 684 686 687 688 690 691 696 703 730 731 733 734 740 743 755 756 761 774 775 777 778 780 781 787 788 798 799 800 801 803 820 822 827 828 829 830 831 858 901 902 903 904 930 931 932 985 986 991 994 995 996 1008 1009 1011 1012 1015 1016 1017 1018 1021 1023 1024 1025 1026]
JA3 Host Stats:
IP Address # JA3C
1 192.168.5.16 2
1 TCP 192.168.2.126:45380 <-> 161.117.13.29:80 [flowId: 145][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][7 pkts/4845 bytes <-> 73 pkts/178280 bytes][Goodput ratio: 90/97][5.13 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.947 (Download)][IAT c2s/s2c min/avg/max/stddev: 187/0 298/54 408/638 110/113][Pkt Len c2s/s2c min/avg/max/stddev: 490/759 692/2442 831/8706 147/1792][URL: mangaweb.1kxun.mobi/detail?id=27159&sytjdt&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e][StatusCode: 200][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /detail)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1,0,0,0,0,1,2,3,1,0,0,0,0,0,0,0,0,0,0,0,1,1,2,0,0,0,0,0,0,52,0,33]
2 TCP 192.168.2.126:46170 <-> 172.105.121.82:80 [flowId: 141][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/552 bytes <-> 33 pkts/181723 bytes][Goodput ratio: 76/99][1.59 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.994 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/42 0/371 0/107][Pkt Len c2s/s2c min/avg/max/stddev: 274/387 276/5507 278/21666 2/6102][URL: pic.1kxun.com/video_kankan/images/releases/296/4701-e14d0481c8fbe8a42795abb879cda2d2.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,0,55]
3 TCP 192.168.2.126:49372 <-> 14.136.136.108:80 [flowId: 157][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][3 pkts/1752 bytes <-> 33 pkts/144786 bytes][Goodput ratio: 89/98][1.99 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.976 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/61 0/371 0/111][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 584/4387 592/18786 6/4364][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/aec00b1dbdf678ee8d2b89df3fdbd059.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,8,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,51]
4 TCP 192.168.2.126:49396 <-> 14.136.136.108:80 [flowId: 161][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][3 pkts/1776 bytes <-> 28 pkts/133577 bytes][Goodput ratio: 89/99][1.65 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.974 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/42 0/345 0/94][Pkt Len c2s/s2c min/avg/max/stddev: 592/351 592/4771 592/21666 0/5452][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/00dd6bfe750c02c8d10d7112d143f322.jpg?format=webp][StatusCode: 200][Content-Type: image/webp][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,52]
5 TCP 192.168.2.126:49412 <-> 14.136.136.108:80 [flowId: 160][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 9][cat: Streaming/17][3 pkts/1752 bytes <-> 23 pkts/128276 bytes][Goodput ratio: 89/99][1.65 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.973 (Download)][IAT c2s/s2c min/avg/max/stddev: 612/0 612/61 612/399 0/112][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 584/5577 592/21666 6/5767][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/13aeb81a47e7632ccdf1aefee19ea65e.jpg?format=webp][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (NGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,19,0,62]
6 TCP 192.168.2.126:46212 <-> 172.105.121.82:80 [flowId: 143][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/555 bytes <-> 12 pkts/124834 bytes][Goodput ratio: 76/99][1.58 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.991 (Download)][IAT c2s/s2c min/avg/max/stddev: 871/0 871/122 871/373 0/155][Pkt Len c2s/s2c min/avg/max/stddev: 277/386 278/10403 278/37506 0/10887][URL: pic.1kxun.com/video_kankan/images/releases/300/5183-51fb99a2391e774037ba21cbca307be4.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,57]
7 TCP 192.168.2.126:38316 <-> 172.105.121.82:80 [flowId: 170][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/273 bytes <-> 23 pkts/118294 bytes][Goodput ratio: 76/99][1.43 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.995 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/46 0/393 0/113][Pkt Len c2s/s2c min/avg/max/stddev: 273/388 273/5143 273/24546 0/5526][URL: pic.1kxun.com/video_kankan/images/videos/40701-8fa7d916c55e31f90fa55f450b716505.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,20,0,67]
8 TCP 192.168.2.126:49380 <-> 14.136.136.108:80 [flowId: 159][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 9][cat: Streaming/17][2 pkts/1172 bytes <-> 30 pkts/99876 bytes][Goodput ratio: 89/98][1.31 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.977 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/32 0/209 0/74][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 586/3329 592/18786 6/3784][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/f05074256b39572ad852c1c95eb5f8a7.jpg][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (LGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,53,0,34]
9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [flowId: 183][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [flowId: 185][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
11 TCP 192.168.2.126:45416 <-> 161.117.13.29:80 [flowId: 149][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][8 pkts/7202 bytes <-> 24 pkts/83277 bytes][Goodput ratio: 93/98][16.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.841 (Download)][IAT c2s/s2c min/avg/max/stddev: 186/0 2919/772 6045/5959 2744/1789][Pkt Len c2s/s2c min/avg/max/stddev: 500/709 900/3470 1180/14466 215/3207][URL: mangaweb.1kxun.mobi/js/vendor.bundle.js?1644807874][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/vendor.bundle.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,3,0,0,12,0,0,0,0,0,0,0,3,3,3,6,0,0,0,0,0,0,0,3,0,0,21,0,41]
12 TCP 192.168.2.126:38326 <-> 172.105.121.82:80 [flowId: 168][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/273 bytes <-> 21 pkts/89010 bytes][Goodput ratio: 76/98][1.25 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.994 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/50 0/412 0/118][Pkt Len c2s/s2c min/avg/max/stddev: 273/387 273/4239 273/12489 0/2950][URL: pic.1kxun.com/video_kankan/images/videos/40730-48fd657abd5a1d3e45d03403ddcb0663.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,73]
13 TCP 192.168.2.126:46200 <-> 172.105.121.82:80 [flowId: 142][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/556 bytes <-> 18 pkts/82689 bytes][Goodput ratio: 76/99][1.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.987 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/56 0/375 0/119][Pkt Len c2s/s2c min/avg/max/stddev: 278/386 278/4594 278/21666 0/5421][URL: pic.1kxun.com/video_kankan/images/releases/301/5027-d707192bfa2dabf22771a4d56454ab88.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35,0,45]
14 TCP 192.168.2.126:46184 <-> 172.105.121.82:80 [flowId: 140][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][3 pkts/829 bytes <-> 13 pkts/73655 bytes][Goodput ratio: 76/99][1.27 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.978 (Download)][IAT c2s/s2c min/avg/max/stddev: 392/0 392/81 392/368 0/134][Pkt Len c2s/s2c min/avg/max/stddev: 273/386 276/5666 278/23106 2/7129][URL: pic.1kxun.com/video_kankan/images/releases/299/4704-5017bcdcacc02cc3af4833cd1ed72a8f.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,18,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,25,0,37]
15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [flowId: 184][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
16 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [flowId: 27][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 3,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0,0,0,0,0,0,0]
17 TCP 192.168.2.126:45398 <-> 161.117.13.29:80 [flowId: 147][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][3 pkts/2127 bytes <-> 18 pkts/58725 bytes][Goodput ratio: 91/98][4.35 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.930 (Download)][IAT c2s/s2c min/avg/max/stddev: 229/0 229/262 229/3434 0/852][Pkt Len c2s/s2c min/avg/max/stddev: 490/551 709/3262 821/7266 155/2191][URL: mangaweb.1kxun.mobi/js/dependency-all.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/dependency)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,43]
18 TCP 192.168.2.126:49354 <-> 14.136.136.108:80 [flowId: 156][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/1184 bytes <-> 19 pkts/53234 bytes][Goodput ratio: 89/98][1.04 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.956 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/26 0/204 0/67][Pkt Len c2s/s2c min/avg/max/stddev: 592/351 592/2802 592/8706 0/2084][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/7e07d4417e0edc98d327d0ddfd3e227a.jpg?format=webp][StatusCode: 200][Content-Type: image/webp][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (/GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,42]
19 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [flowId: 28][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Goodput ratio: 59/95][45.30 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3466/4 44999/62 11990/13][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 136/1145 415/1314 149/400][URL: pic.1kxun.com/video_kankan/images/videos/3578-ywzj.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 4,2,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,79,0,0,0,0,0,0,0,0]
20 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [flowId: 29][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Goodput ratio: 52/95][45.33 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2649/12 44748/253 10525/45][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1127 415/1314 133/398][URL: pic.1kxun.com/video_kankan/images/videos/3713-ydm.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 4,0,0,0,0,0,0,0,0,4,0,9,0,0,4,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,76,0,0,0,0,0,0,0,0]
21 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [flowId: 31][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Goodput ratio: 57/95][45.32 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.887 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3007/1410 44996/45052 11222/7838][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 128/1132 423/1314 145/403][URL: pic.1kxun.com/video_kankan/images/videos/4657-jfyj.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 4,0,0,0,0,0,0,0,0,4,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,77,0,0,0,0,0,0,0,0]
22 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [flowId: 36][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Goodput ratio: 37/95][0.42 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.892 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/8 194/109 46/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/1208 411/1314 102/329][URL: jp.kankan.1kxun.mobi/api/movies/mp4script/10410?definition=true][StatusCode: 200][Content-Type: text/xml][Server: openresty/1.9.7.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/movies/mp4)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,89,0,0,0,0,0,0,0,0]
23 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [flowId: 26][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 7,3,0,0,0,0,0,0,0,3,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,79,0,0,0,0,0,0,0,0]
24 TCP 192.168.2.126:44368 <-> 172.217.18.98:80 [flowId: 162][proto: 7.239/HTTP.GoogleServices][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.239/HTTP.GoogleServices, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/489 bytes <-> 16 pkts/29841 bytes][Goodput ratio: 86/96][0.06 sec][Hostname/SNI: www.googletagservices.com][bytes ratio: -0.968 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/22 0/6][Pkt Len c2s/s2c min/avg/max/stddev: 489/491 489/1865 489/2902 0/738][URL: www.googletagservices.com/tag/js/gpt.js][StatusCode: 200][Content-Type: text/javascript][Server: sffe][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.499 (Executable?)][PLAIN TEXT (GET /tag/js/gpt.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0,29]
25 TCP 192.168.2.126:38354 <-> 142.250.186.34:80 [flowId: 154][proto: 7.126/HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 9][cat: Advertisement/101][1 pkts/586 bytes <-> 12 pkts/28355 bytes][Goodput ratio: 89/97][0.08 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: -0.960 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/23 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 586/687 586/2363 586/2902 0/788][URL: pagead2.googlesyndication.com/pagead/show_ads.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /pagead/show)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,62]
26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [flowId: 181][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
27 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [flowId: 30][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 8,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,75,0,0,0,0,0,0,0,0]
28 TCP 192.168.2.126:36732 <-> 142.250.186.174:80 [flowId: 155][proto: 7.126/HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Advertisement/101][1 pkts/487 bytes <-> 10 pkts/21123 bytes][Goodput ratio: 86/97][0.05 sec][Hostname/SNI: www.google-analytics.com][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/21 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 487/677 487/2112 487/2902 0/822][URL: www.google-analytics.com/analytics.js][StatusCode: 200][Content-Type: text/javascript][Server: Golfe2][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /analytics.js HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,45]
29 TCP 192.168.2.126:45388 <-> 161.117.13.29:80 [flowId: 146][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/1315 bytes <-> 8 pkts/18984 bytes][Goodput ratio: 90/97][4.33 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.870 (Download)][IAT c2s/s2c min/avg/max/stddev: 3965/0 3965/593 3965/3966 0/1379][Pkt Len c2s/s2c min/avg/max/stddev: 509/1287 658/2373 806/8258 148/2234][URL: mangaweb.1kxun.mobi/js/swiper/swiper.min.css][StatusCode: 200][Content-Type: text/css][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/swiper/swiper.min.css H)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0,0,0,40,0,20]
30 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [flowId: 40][proto: 7/HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 9][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Hostname/SNI: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 42.120.51.152 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /api/proxy)][Plen Bins: 11,0,0,0,0,0,0,22,0,0,0,0,0,33,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0]
31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [flowId: 187][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
32 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [flowId: 108][proto: 7.315/HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
33 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [flowId: 109][proto: 7.315/HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
34 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [flowId: 83][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][Hostname/SNI: [ff02::c]:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,12,56,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [flowId: 82][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][8.40 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 102/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 482/0 530/0 562/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,12,18,51,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 192.168.2.126:49370 <-> 14.136.136.108:80 [flowId: 158][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/580 bytes <-> 4 pkts/7749 bytes][Goodput ratio: 88/97][0.22 sec][Hostname/SNI: hkbn.content.1kxun.com][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/b057f5cd8fe013d2299b57f14faa5fa9.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (AGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
37 TCP 192.168.2.126:45422 <-> 161.117.13.29:80 [flowId: 150][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 5][cat: Streaming/17][3 pkts/2139 bytes <-> 4 pkts/6060 bytes][Goodput ratio: 91/96][4.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.478 (Download)][IAT c2s/s2c min/avg/max/stddev: 221/224 2062/1374 3902/3898 1841/1787][Pkt Len c2s/s2c min/avg/max/stddev: 502/1413 713/1515 819/1720 149/124][URL: mangaweb.1kxun.mobi/images/detail_revision/go_homepage.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/application.min.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,14,0,14]
38 TCP 192.168.2.126:60148 <-> 172.105.121.82:80 [flowId: 138][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/536 bytes <-> 3 pkts/7066 bytes][Goodput ratio: 75/97][0.56 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/icons/5-328e3cdf244c003df08754cca05fbc2f.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,40,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20]
39 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [flowId: 100][proto: 91/TLS][IP: 315/Line][Encrypted][Confidence: Match by port][FPC: 315/Line, Confidence: IP address][DPI packets: 20][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][Goodput ratio: 88/51][18.02 sec][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352/2546 3289/14274 980/4917][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482/116 1514/386 582/101][Plen Bins: 23,7,0,0,0,15,7,0,7,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0]
40 TCP 192.168.2.126:38314 <-> 172.105.121.82:80 [flowId: 169][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/273 bytes <-> 4 pkts/6346 bytes][Goodput ratio: 76/96][0.33 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/videos/40750-585645353a7a47615755b7714c611835.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
41 TCP 192.168.2.126:45414 <-> 161.117.13.29:80 [flowId: 148][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][3 pkts/2118 bytes <-> 3 pkts/3518 bytes][Goodput ratio: 91/94][4.32 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 215/216 2066/2066 3917/3916 1851/1850][Pkt Len c2s/s2c min/avg/max/stddev: 482/758 706/1173 819/1456 158/300][URL: mangaweb.1kxun.mobi/js/fb-sdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/fb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,16,0,0,0,0]
42 TCP 192.168.2.126:47246 <-> 161.117.13.29:80 [flowId: 134][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/1872 bytes <-> 2 pkts/3374 bytes][Goodput ratio: 93/96][1.30 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/homePageVideoCollections/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28][StatusCode: 200][Content-Type: application/json][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [flowId: 186][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
44 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [flowId: 39][proto: 7.48/HTTP.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 48/QQ, Confidence: DNS][DPI packets: 9][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Hostname/SNI: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /getvinfo HTTP/1.1)][Plen Bins: 15,0,0,0,0,15,15,0,0,23,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.119.1:67 -> 255.255.255.255:68 [flowId: 3][proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [flowId: 105][proto: 91/TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 4][cat: Web/5][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0,0]
47 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [flowId: 48][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Media/1][7 pkts/1408 bytes <-> 5 pkts/2611 bytes][Goodput ratio: 71/89][0.15 sec][Hostname/SNI: 183.131.48.144][bytes ratio: -0.299 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 14/25 69/67 28/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 201/522 557/1078 225/465][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 183.131.48.144 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [flowId: 44][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: 192.168.115.75 / No ALPN / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA3C: 799135475da362592a4be9199d258726][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [flowId: 86][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: 192.168.115.75 / No ALPN / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [flowId: 188][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
51 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [flowId: 116][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: 192.168.115.75 / No ALPN / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [flowId: 35][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.7.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 20,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0]
53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [flowId: 194][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.2.126:50176 <-> 161.117.13.29:80 [flowId: 167][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/1185 bytes <-> 2 pkts/2082 bytes][Goodput ratio: 94/94][0.19 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/list_default.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/list)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0]
55 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [flowId: 106][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: 192.168.115.75 / No ALPN / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA3C: 799135475da362592a4be9199d258726][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [flowId: 14][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.2.126:35426 <-> 8.209.112.118:80 [flowId: 195][proto: 7/HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 5][cat: Web/5][4 pkts/2668 bytes <-> 1 pkts/142 bytes][Goodput ratio: 92/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 20,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [flowId: 152][proto: 7.126/HTTP.Google][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.486 (Executable?)][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [flowId: 174][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
60 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [flowId: 112][proto: 91/TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 3][cat: Web/5][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463][Plen Bins: 0,0,40,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [flowId: 1][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [flowId: 24][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Hostname/SNI: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.3.2][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/alsolikes/10410)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [flowId: 45][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Goodput ratio: 60/73][0.23 sec][Hostname/SNI: 183.131.48.145][bytes ratio: 0.244 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/42 74/83 34/42][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 143/217 486/687 172/271][URL: 183.131.48.145/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 302][Server: httpserver][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 183.131.48.145 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [flowId: 2][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][59.19 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 5110/0 15056/0 4451/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 TCP 192.168.2.126:45424 <-> 161.117.13.29:80 [flowId: 151][proto: 7/HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/480 bytes <-> 1 pkts/1787 bytes][Goodput ratio: 86/96][0.19 sec][Hostname/SNI: tcad.wedolook.com][URL: tcad.wedolook.com/js/websdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/websdk.js HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
66 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [flowId: 20][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [flowId: 50][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 192.168.2.126:50148 <-> 161.117.13.29:80 [flowId: 164][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/1180 bytes <-> 1 pkts/832 bytes][Goodput ratio: 94/92][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/like_1.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [flowId: 189][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
70 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [flowId: 58][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Hostname/SNI: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][Server: MServer 1.2.2][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 502][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 192.168.2.126:50140 <-> 161.117.13.29:80 [flowId: 163][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/1178 bytes <-> 1 pkts/748 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/left.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.2.126:50166 <-> 161.117.13.29:80 [flowId: 166][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/1179 bytes <-> 1 pkts/746 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/right.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.2.126:47262 <-> 161.117.13.29:80 [flowId: 135][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/937 bytes <-> 1 pkts/883 bytes][Goodput ratio: 93/92][0.31 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d25][StatusCode: 301][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [flowId: 196][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
75 TCP 192.168.2.126:50164 <-> 161.117.13.29:80 [flowId: 165][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/1184 bytes <-> 1 pkts/574 bytes][Goodput ratio: 94/88][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/more_white.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [flowId: 49][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [flowId: 190][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
78 TCP 192.168.2.126:49242 <-> 172.104.119.80:80 [flowId: 139][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][2 pkts/1129 bytes <-> 2 pkts/582 bytes][Goodput ratio: 88/77][2.16 sec][Hostname/SNI: android.yingshi.tcclick.1kxun.com][URL: android.yingshi.tcclick.1kxun.com/api/upload.php][StatusCode: 500][Req Content-Type: application/octet-stream][Content-Type: text/html][Server: openresty/1.11.2.5][User-Agent: okhttp/3.10.0][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 500][PLAIN TEXT (aPOST /api/upload.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [flowId: 175][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [flowId: 53][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [flowId: 5][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [flowId: 43][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 192.168.2.126:59324 <-> 104.117.221.10:80 [flowId: 171][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/475 bytes <-> 1 pkts/1049 bytes][Goodput ratio: 86/94][0.04 sec][Hostname/SNI: m.vpon.com][URL: m.vpon.com/sdk/vpadn-sdk-core-v1.js][StatusCode: 200][Content-Type: application/x-javascript][Server: AkamaiNetStorage][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /sdk/vpadn)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 TCP 192.168.2.126:35200 <-> 103.29.71.30:80 [flowId: 144][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/953 bytes <-> 1 pkts/563 bytes][Goodput ratio: 93/88][0.36 sec][Hostname/SNI: release.bigdata.1kxun.com][URL: release.bigdata.1kxun.com/c/35/13277?&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=16][StatusCode: 302][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /c/35/13277)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [flowId: 178][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [flowId: 37][proto: 7/HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 8][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Hostname/SNI: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 218.244.135.170 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/qq)][Plen Bins: 25,0,0,0,50,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [flowId: 11][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [flowId: 6][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
89 UDP 0.0.0.0:68 -> 255.255.255.255:67 [flowId: 7][proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][46.39 sec][Hostname/SNI: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
90 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [flowId: 54][proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Goodput ratio: 88/88][30.01 sec][Hostname/SNI: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
91 TCP 192.168.2.126:53416 <-> 172.217.16.142:80 [flowId: 193][proto: 7.126/HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/625 bytes <-> 1 pkts/734 bytes][Goodput ratio: 89/91][0.05 sec][Hostname/SNI: play.google.com][URL: play.google.com/store/apps/details?id=com.azarlive.android&referrer=adjust_external_click_id%3Dv.2_g.143845_a.f84f54bf-31cd-43ff-bd27-526ccc6457da_c.117_t.ua_u.e7df87247cbcea13%26utm_campaign%3DTest%2BCampaign%26utm_content%3DTest%2BSource%2BApp_123456789][StatusCode: 301][Content-Type: application/binary][Server: ESF][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.564 (Executable?)][PLAIN TEXT (GET /store/apps/details)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 TCP 192.168.2.126:58758 <-> 202.153.196.53:80 [flowId: 179][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][0.32 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=411&s_h=731&u_w=411&u_h=683&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=1&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (NGET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 TCP 192.168.2.126:58760 <-> 202.153.196.53:80 [flowId: 180][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][1.09 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=731&s_h=411&u_w=683&u_h=411&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=2&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [flowId: 172][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [flowId: 173][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 TCP 192.168.2.126:47272 <-> 161.117.13.29:80 [flowId: 136][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/982 bytes <-> 1 pkts/331 bytes][Goodput ratio: 93/80][0.35 sec][Hostname/SNI: messages.1kxun.mobi][URL: messages.1kxun.mobi/api/messages/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kx][StatusCode: 200][Content-Type: text/xml][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /api/messages/listForYingsh)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 TCP 192.168.2.126:56826 <-> 8.209.97.107:80 [flowId: 177][proto: 7/HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][2 pkts/1156 bytes <-> 1 pkts/142 bytes][Goodput ratio: 91/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [flowId: 74][proto: 12/SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [flowId: 176][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.3.236:137 -> 192.168.255.255:137 [flowId: 63][proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Hostname/SNI: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [flowId: 192][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 192.168.2.126:60962 <-> 172.104.93.92:1234 [flowId: 129][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.31 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.2.126:60972 <-> 172.104.93.92:1234 [flowId: 130][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.24 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 TCP 192.168.2.126:60984 <-> 172.104.93.92:1234 [flowId: 131][proto: 7.295/HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.27 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 TCP 192.168.2.126:41134 <-> 129.226.107.77:80 [flowId: 133][proto: 7.48/HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 2][cat: Chat/9][1 pkts/324 bytes <-> 1 pkts/518 bytes][Goodput ratio: 83/89][0.19 sec][Hostname/SNI: cgi.connect.qq.com][URL: cgi.connect.qq.com/qqconnectopen/openapi/policy_conf?status_os=11&status_version=30&status_machine=sdk_gphone_x86&sdkp=a&sdkv=3.1.0.lite&appid=100258135][StatusCode: 302][Content-Type: text/html][Server: stgw][User-Agent: AndroidSDK_30_generic_x86_arm_11][PLAIN TEXT (GET /qq)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 TCP 192.168.2.126:38834 <-> 119.45.78.184:80 [flowId: 137][proto: 7.48/HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 3][cat: Chat/9][2 pkts/655 bytes <-> 1 pkts/170 bytes][Goodput ratio: 80/61][0.31 sec][Hostname/SNI: pingma.qq.com][URL: pingma.qq.com:80/mstat/report][StatusCode: 404][Risk: ** HTTP Susp User-Agent **** Error Code **][Risk Score: 110][Risk Info: Empty or missing User-Agent / HTTP Error Code 404][PLAIN TEXT (POST /mstat/report HTTP/1.1)][Plen Bins: 0,0,0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP 192.168.5.45:138 -> 192.168.255.255:138 [flowId: 69][proto: 10.16/NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Hostname/SNI: macbookair-e1d0][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [flowId: 191][proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 192.168.2.126:51888 -> 119.28.164.143:80 [flowId: 153][proto: 7/HTTP][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/571 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: qzonestyle.gtimg.cn][URL: qzonestyle.gtimg.cn/qzone/openapi/qc-1.0.1.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /qzone/openapi/qc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 192.168.2.126:47230 <-> 161.117.13.29:80 [flowId: 132][proto: 7.295/HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Download/7][1 pkts/223 bytes <-> 1 pkts/330 bytes][Goodput ratio: 70/80][0.18 sec][Hostname/SNI: kankan.1kxun.mobi][URL: kankan.1kxun.mobi/api.domain.conf][StatusCode: 200][Content-Type: application/octet-stream][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][Risk: ** Binary File/Data Transfer (Attempt) **][Risk Score: 50][Risk Info: Found binary mime octet-stream][PLAIN TEXT (GET /api.domain.conf HTTP/1.1)][Plen Bins: 0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.115.8:137 -> 192.168.255.255:137 [flowId: 17][proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Hostname/SNI: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
112 UDP 192.168.5.67:138 -> 192.168.255.255:138 [flowId: 34][proto: 10.16/NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][< 1 sec][Hostname/SNI: sanji-lifebook-][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT ( FDEBEOEKEJ)][Plen Bins: 0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
113 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [flowId: 8][proto: 103/DHCPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 103/DHCPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][15.56 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
114 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [flowId: 92][proto: 103/DHCPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 103/DHCPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][14.54 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
115 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [flowId: 107][proto: 5.315/DNS.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.315/DNS.Line, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Goodput ratio: 52/85][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][203.69.81.73][PLAIN TEXT (official)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [flowId: 56][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.5.9:68 -> 255.255.255.255:67 [flowId: 73][proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.5.41:68 -> 255.255.255.255:67 [flowId: 104][proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [flowId: 182][proto: 7.291/HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [flowId: 25][proto: 5.295/DNS.1kxun][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5.295/DNS.1kxun, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Hostname/SNI: pic.1kxun.com][106.187.35.246][Plen Bins: 66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 UDP 192.168.0.104:137 -> 192.168.255.255:137 [flowId: 117][proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Hostname/SNI: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [flowId: 13][proto: 5.295/DNS.1kxun][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5.295/DNS.1kxun, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: jp.kankan.1kxun.mobi][106.185.35.110][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
123 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [flowId: 38][proto: 5.48/DNS.QQ][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5.48/DNS.QQ, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/150 bytes <-> 1 pkts/116 bytes][Goodput ratio: 44/63][0.04 sec][Hostname/SNI: vv.video.qq.com][203.205.151.234][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
124 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [flowId: 15][proto: 5.295/DNS.1kxun][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5.295/DNS.1kxun, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44/61][1.05 sec][Hostname/SNI: kankan.1kxun.com][222.73.254.113][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
125 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [flowId: 23][proto: 5.295/DNS.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.295/DNS.1kxun, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44/61][0.00 sec][Hostname/SNI: kankan.1kxun.com][222.73.254.167][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
126 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [flowId: 12][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Goodput ratio: 34/0][0.10 sec][Hostname/SNI: wpad][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
127 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [flowId: 57][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][36.19 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
128 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [flowId: 88][proto: 437/Mikrotik][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 437/Mikrotik, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
129 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [flowId: 51][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][0.41 sec][Hostname/SNI: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
130 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [flowId: 102][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][0.41 sec][Hostname/SNI: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
131 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [flowId: 59][proto: 437/Mikrotik][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 437/Mikrotik, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/185 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
132 UDP 192.168.5.45:137 -> 192.168.255.255:137 [flowId: 68][proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.02 sec][Hostname/SNI: nasfile][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
133 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [flowId: 96][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Hostname/SNI: ????????????][Risk: ** Non-Printable/Invalid Chars Detected **][Risk Score: 100][Risk Info: Invalid chars detected in domain name][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
134 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [flowId: 32][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.10 sec][Hostname/SNI: ????????????][Risk: ** Non-Printable/Invalid Chars Detected **][Risk Score: 100][Risk Info: Invalid chars detected in domain name][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
135 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [flowId: 18][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Hostname/SNI: ????????????][Risk: ** Non-Printable/Invalid Chars Detected **][Risk Score: 100][Risk Info: Invalid chars detected in domain name][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
136 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [flowId: 124][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
137 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [flowId: 89][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][0.10 sec][Hostname/SNI: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
138 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [flowId: 127][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][0.10 sec][Hostname/SNI: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
139 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [flowId: 87][proto: 437/Mikrotik][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 437/Mikrotik, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/177 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
140 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [flowId: 60][proto: 7/HTTP][IP: 126/Google][ClearText][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 3][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes][Goodput ratio: 2/0][0.01 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
141 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [flowId: 71][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Hostname/SNI: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
142 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [flowId: 119][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Hostname/SNI: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
143 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [flowId: 113][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Hostname/SNI: sonusav][PLAIN TEXT (sonusav)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
144 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [flowId: 98][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.10 sec][Hostname/SNI: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
145 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [flowId: 61][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.11 sec][Hostname/SNI: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
146 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [flowId: 94][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.41 sec][Hostname/SNI: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
147 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [flowId: 9][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.41 sec][Hostname/SNI: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
148 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [flowId: 93][proto: 437/Mikrotik][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 437/Mikrotik, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][PLAIN TEXT (6.35.4 )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
149 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [flowId: 52][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][0.41 sec][Hostname/SNI: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
150 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [flowId: 103][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][0.41 sec][Hostname/SNI: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
151 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [flowId: 97][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Hostname/SNI: ????????????][Risk: ** Non-Printable/Invalid Chars Detected **][Risk Score: 100][Risk Info: Invalid chars detected in domain name][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
152 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [flowId: 33][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.10 sec][Hostname/SNI: ????????????][Risk: ** Non-Printable/Invalid Chars Detected **][Risk Score: 100][Risk Info: Invalid chars detected in domain name][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
153 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [flowId: 19][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Hostname/SNI: ????????????][Risk: ** Non-Printable/Invalid Chars Detected **][Risk Score: 100][Risk Info: Invalid chars detected in domain name][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
154 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [flowId: 78][proto: 437/Mikrotik][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 437/Mikrotik, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
155 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [flowId: 123][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
156 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [flowId: 81][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
157 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [flowId: 77][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.41 sec][Hostname/SNI: kasper-mac][PLAIN TEXT (Kasper)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
158 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [flowId: 90][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Hostname/SNI: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
159 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [flowId: 128][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Hostname/SNI: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
160 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [flowId: 47][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Hostname/SNI: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
161 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [flowId: 111][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Hostname/SNI: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
162 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [flowId: 46][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Hostname/SNI: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
163 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [flowId: 110][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Hostname/SNI: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
164 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [flowId: 101][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.41 sec][Hostname/SNI: notebook][PLAIN TEXT (notebook)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
165 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [flowId: 42][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.41 sec][Hostname/SNI: notebook][PLAIN TEXT (notebook)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
166 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [flowId: 72][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Hostname/SNI: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
167 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [flowId: 91][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Hostname/SNI: jason-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
168 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [flowId: 0][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Hostname/SNI: jason-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
169 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [flowId: 121][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Hostname/SNI: usher-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
170 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [flowId: 79][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Hostname/SNI: usher-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
171 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [flowId: 62][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.11 sec][Hostname/SNI: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
172 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [flowId: 99][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.10 sec][Hostname/SNI: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
173 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [flowId: 95][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Hostname/SNI: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
174 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [flowId: 10][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Hostname/SNI: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
175 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [flowId: 4][proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][22.90 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
176 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [flowId: 16][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
177 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [flowId: 115][proto: 103/DHCPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 103/DHCPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
178 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [flowId: 67][proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Hostname/SNI: gfile][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
179 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [flowId: 66][proto: 10/NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Hostname/SNI: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
180 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [flowId: 122][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
181 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [flowId: 80][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
182 UDP 192.168.5.16:123 -> 17.253.26.125:123 [flowId: 118][proto: 9/NTP][IP: 140/Apple][ClearText][Confidence: DPI][FPC: 9/NTP, Confidence: DPI][DPI packets: 1][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
183 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [flowId: 75][proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Hostname/SNI: _googlecast._tcp.local][_googlecast._tcp.local][PLAIN TEXT (googlecast)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
184 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [flowId: 125][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
185 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [flowId: 84][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Hostname/SNI: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
186 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [flowId: 120][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][< 1 sec][Hostname/SNI: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
187 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [flowId: 126][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][< 1 sec][Hostname/SNI: jason-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
188 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [flowId: 114][proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 154/LLMNR, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][< 1 sec][Hostname/SNI: sonusav][PLAIN TEXT (sonusav)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [flowId: 41][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][5 pkts/1795 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][40.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [flowId: 22][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][30.00 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [flowId: 65][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][30.01 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [flowId: 70][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][30.11 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [flowId: 21][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][30.10 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [flowId: 64][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/359 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [flowId: 55][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][34.71 sec][PLAIN TEXT (AABHZW50cmljZV9)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [flowId: 76][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][34.72 sec][PLAIN TEXT (icRVSoU)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [flowId: 85][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (dDYcTc4)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|