author | lns <matzeton@googlemail.com> | 2023-05-30 09:26:43 +0200 |
---|---|---|
committer | lns <matzeton@googlemail.com> | 2023-05-30 09:30:24 +0200 |
commit | 5a9b40779d3e0abbf41d5fc910a5a9e2d1679835 (patch) | |
tree | 1908c2bc044753d6255f63482f94c718d852b580 /test/results/default/1kxun.pcap.out | |
parent | d0c070a800c7577e6d437812f0d3bd976ddc475e (diff) |
bump libnDPI to 04f5c5196e790db8b8cc39e42c8645fb7f3dd141
* added custom nDPI logging callback
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/1kxun.pcap.out')
-rw-r--r-- | test/results/default/1kxun.pcap.out | 94 |
1 files changed, 47 insertions, 47 deletions
diff --git a/test/results/default/1kxun.pcap.out b/test/results/default/1kxun.pcap.out
index d4ab1d250..ce71b0746 100644
--- a/test/results/default/1kxun.pcap.out
+++ b/test/results/default/1kxun.pcap.out
@@ -197,7 +197,7 @@ 00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":1470104380188122,"flow_dst_last_pkt_time":1470104380300643,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1470104380300643,"pkt":"ABxCjnAxTF4M6gNlCABFAAA0c30AAHAGQPfa9IeqwKhzCCOLwccogsRifLctf4ASQAAcSgAAAgQFtAEDAwABAQQC"} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":4,"flow_src_last_pkt_time":1470104380300823,"flow_dst_last_pkt_time":1470104380300643,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1470104380300823,"pkt":"TF4M6gNlABxCjnAxCABFAAAoUhVAAIAGEmvAqHMI2vSHqsHHI4t8ty1\/KILEY1AQAQScEQAA"} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":5,"flow_src_last_pkt_time":1470104380300850,"flow_dst_last_pkt_time":1470104380300643,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1470104380300850,"pkt":"TF4M6gNlABxCjnAxCABFAAAoUhVAAIAGEmvAqHMI2vSHqsHHI4t8ty1\/KILEY1AQAQScEQAA"} 
-01359{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":1470104380188079,"flow_src_last_pkt_time":1470104380302072,"flow_dst_last_pkt_time":1470104380300643,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":158,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":158,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104380302072,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"218.244.135.170","src_port":49607,"dst_port":9099,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"218.244.135.170","http": {"url":"218.244.135.170:9099\/api\/qqlive_ckey\/get?vid=y0013xaeeyo&platform=10902","code":0,"content_type":"","user_agent":"Mozilla\/5.0"}}} 
+01361{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":1470104380188079,"flow_src_last_pkt_time":1470104380302072,"flow_dst_last_pkt_time":1470104380300643,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":158,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":158,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104380302072,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"218.244.135.170","src_port":49607,"dst_port":9099,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"218.244.135.170","http": {"url":"218.244.135.170:9099\/api\/qqlive_ckey\/get?vid=y0013xaeeyo&platform=10902","code":0,"content_type":"","user_agent":"Mozilla\/5.0"}}} 
00700{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":2,"flow_src_last_pkt_time":1470104380603356,"flow_dst_last_pkt_time":1470104377634699,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":179,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":179,"pkt_l4_len":145,"thread_ts_usec":1470104380603356,"pkt":"AQBef\/\/6zD2CHu7jCABFAAClQLUAAAQRv8HAqAUv7\/\/\/+utrB2wAkWQETS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClNUOiB1cm46c2NoZW1hcy11cG5wLW9yZzpkZXZpY2U6SW50ZXJuZXRHYXRld2F5RGV2aWNlOjENCk1hbjogInNzZHA6ZGlzY292ZXIiDQpNWDogMw0KDQo="} 00770{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":472,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1470104380737950,"flow_src_last_pkt_time":1470104380737950,"flow_dst_last_pkt_time":1470104380737950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":33,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":33,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":33,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104380737950,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"8.8.8.8","src_port":54420,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 
00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":472,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":1470104380737950,"flow_dst_last_pkt_time":1470104380737950,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":75,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":75,"pkt_l4_len":41,"thread_ts_usec":1470104380737950,"pkt":"TF4M6gNlABxCjnAxCABFAAA9UhkAAIARpNbAqHMICAgICNSUADUAKZhJpTgBAAABAAAAAAAAAnZ2BXZpZGVvAnFxA2NvbQAAAQAB"} 
@@ -220,7 +220,7 @@ 00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":3,"flow_src_last_pkt_time":1470104380890470,"flow_dst_last_pkt_time":1470104380966940,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1470104380966940,"pkt":"ABxCjnAxTF4M6gNlCABFAAAwAABAADAGuQcqeDOYwKhzCB+QwcnDIL+ais5pCHASFtCCkgAAAgQFtAEBBAI="} 00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":4,"flow_src_last_pkt_time":1470104380967069,"flow_dst_last_pkt_time":1470104380966940,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1470104380967069,"pkt":"TF4M6gNlABxCjnAxCABFAAAoUiFAAIAGFu7AqHMIKngzmMHJH5CKzmkIwyC\/m1AQ\/\/DGNQAA"} 00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":5,"flow_src_last_pkt_time":1470104380967094,"flow_dst_last_pkt_time":1470104380966940,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1470104380967094,"pkt":"TF4M6gNlABxCjnAxCABFAAAoUiFAAIAGFu7AqHMIKngzmMHJH5CKzmkIwyC\/m1AQ\/\/DGNQAA"} 
-01415{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":1470104380890420,"flow_src_last_pkt_time":1470104380968230,"flow_dst_last_pkt_time":1470104380966940,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":252,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104380968230,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"42.120.51.152","src_port":49609,"dst_port":8080,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"42.120.51.152","http": {"url":"42.120.51.152:8080\/api\/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo","code":0,"content_type":"","user_agent":"Mozilla\/5.0","request_content_type":"application\/x-www-form-urlencoded"}}} 
+01417{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":1470104380890420,"flow_src_last_pkt_time":1470104380968230,"flow_dst_last_pkt_time":1470104380966940,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":252,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104380968230,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"42.120.51.152","src_port":49609,"dst_port":8080,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"42.120.51.152","http": {"url":"42.120.51.152:8080\/api\/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo","code":0,"content_type":"","user_agent":"Mozilla\/5.0","request_content_type":"application\/x-www-form-urlencoded"}}} 
00697{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_src_last_pkt_time":1470104381115496,"flow_dst_last_pkt_time":1470104378045830,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":175,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":175,"pkt_l4_len":141,"thread_ts_usec":1470104381115496,"pkt":"AQBef\/\/6\/PiuMpcsCABFAAChLEIAAAER2QjAqANf7\/\/\/+uhMB2wAjbUvTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDoyMzkuMjU1LjI1NS4yNTA6MTkwMA0KU1Q6dXJuOnNjaGVtYXMtdXBucC1vcmc6ZGV2aWNlOkludGVybmV0R2F0ZXdheURldmljZToxDQpNYW46InNzZHA6ZGlzY292ZXIiDQpNWDozDQoNCg=="} 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1470104381217455,"flow_src_last_pkt_time":1470104381217455,"flow_dst_last_pkt_time":1470104381217455,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":26,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":26,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":26,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104381217455,"l3_proto":"ip4","src_ip":"192.168.5.37","dst_ip":"224.0.0.252","src_port":56366,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":1,"flow_src_last_pkt_time":1470104381217455,"flow_dst_last_pkt_time":1470104381217455,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":68,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":68,"pkt_l4_len":34,"thread_ts_usec":1470104381217455,"pkt":"AQBeAAD8CJ4BzeuNCABFAAA2U68AAAERvz7AqAUl4AAA\/NwuFOsAIuU8ydMAAAABAAAAAAAACG5vdGVib29rAAD\/AAE="} 
@@ -258,7 +258,7 @@ 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1470104382053678,"flow_src_last_pkt_time":1470104382053678,"flow_dst_last_pkt_time":1470104382053678,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1470104382053678,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"183.131.48.144","src_port":49613,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":1,"flow_src_last_pkt_time":1470104382053678,"flow_dst_last_pkt_time":1470104382053678,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1470104382053678,"pkt":"TF4M6gNlABxCjnAxCABFAAA0UjJAAIAGjM3AqHMIt4MwkMHNAFBSJ8A7AAAAAIACIABfkwAAAgQE7AEDAwgBAQQC"} 00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":2,"flow_src_last_pkt_time":1470104382053709,"flow_dst_last_pkt_time":1470104382053678,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1470104382053709,"pkt":"TF4M6gNlABxCjnAxCABFAAA0UjJAAIAGjM3AqHMIt4MwkMHNAFBSJ8A7AAAAAIACIABfkwAAAgQE7AEDAwgBAQQC"} 
-02421{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1470104380890420,"flow_src_last_pkt_time":1470104382084858,"flow_dst_last_pkt_time":1470104381881083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":445,"flow_dst_max_l4_payload_len":1260,"flow_src_tot_l4_payload_len":3612,"flow_dst_tot_l4_payload_len":6271,"midstream":0,"thread_ts_usec":1470104382084858,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"42.120.51.152","src_port":49609,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":25,"avg":70487.1,"max":398999,"stddev":104302.2,"var":10878943232.0,"ent":3.6,"data": [50,76520,76599,25,1136,41,62341,85,61755,47,298859,73,398999,66467,177,166123,34,60273,507,89,60822,34,117112,46,178142,469,61984,45,102335,44259,349653]},"pktlen": {"min":40,"avg":350.6,"max":1300,"stddev":410.3,"var":168364.1,"ent":4.1,"data": [52,52,48,40,40,292,292,46,65,485,485,485,485,46,1300,1300,40,40,1300,1300,528,40,40,267,267,46,65,477,477,46,733,40]},"bins": {"c_to_s": [9,0,0,0,0,0,0,4,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0]},"directions": [0,0,1,0,0,0,0,1,1,0,0,0,0,1,1,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0],"entropies": [4.633441925,4.633441925,4.967222691,4.981687069,4.981687069,5.768459320,5.768459320,4.652828693,5.358993053,6.064707279,6.064707279,6.054220200,6.054220200,4.609350204,5.268521309,4.718248367,4.931687355,4.931687355,4.699154854,5.227048397,4.912804604,4.931686878,4.931686878,5.830219269,5.830219269,4.609350204,5.397304058,6.051352978,6.051352978,4.696306705,5.685911179,4.912815094]},"ndpi": 
{"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +02423{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":19,"flow_dst_packets_processed":13,"flow_first_seen":1470104380890420,"flow_src_last_pkt_time":1470104382084858,"flow_dst_last_pkt_time":1470104381881083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":445,"flow_dst_max_l4_payload_len":1260,"flow_src_tot_l4_payload_len":3612,"flow_dst_tot_l4_payload_len":6271,"midstream":0,"thread_ts_usec":1470104382084858,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"42.120.51.152","src_port":49609,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":25,"avg":70487.1,"max":398999,"stddev":104302.2,"var":10878943232.0,"ent":3.6,"data": [50,76520,76599,25,1136,41,62341,85,61755,47,298859,73,398999,66467,177,166123,34,60273,507,89,60822,34,117112,46,178142,469,61984,45,102335,44259,349653]},"pktlen": {"min":40,"avg":350.6,"max":1300,"stddev":410.3,"var":168364.1,"ent":4.1,"data": [52,52,48,40,40,292,292,46,65,485,485,485,485,46,1300,1300,40,40,1300,1300,528,40,40,267,267,46,65,477,477,46,733,40]},"bins": {"c_to_s": [9,0,0,0,0,0,0,4,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0]},"directions": 
[0,0,1,0,0,0,0,1,1,0,0,0,0,1,1,1,0,0,1,1,1,0,0,0,0,1,1,0,0,1,1,0],"entropies": [4.633441925,4.633441925,4.967222691,4.981687069,4.981687069,5.768459320,5.768459320,4.652828693,5.358993053,6.064707279,6.064707279,6.054220200,6.054220200,4.609350204,5.268521309,4.718248367,4.931687355,4.931687355,4.699154854,5.227048397,4.912804604,4.931686878,4.931686878,5.830219269,5.830219269,4.609350204,5.397304058,6.051352978,6.051352978,4.696306705,5.685911179,4.912815094]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":3,"flow_src_last_pkt_time":1470104382053709,"flow_dst_last_pkt_time":1470104382122949,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":24,"thread_ts_usec":1470104382122949,"pkt":"ABxCjnAxTF4M6gNlCABFAAAsAABAADEGLgi3gzCQwKhzCABQwc0rYeLSUifAPGASOQhglAAAAgQFtAAA"} 00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":4,"flow_src_last_pkt_time":1470104382123077,"flow_dst_last_pkt_time":1470104382122949,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1470104382123077,"pkt":"TF4M6gNlABxCjnAxCABFAAAoUjRAAIAGjNfAqHMIt4MwkMHNAFBSJ8A8K2Hi01AQ\/\/CxaAAA"} 
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":5,"flow_src_last_pkt_time":1470104382123103,"flow_dst_last_pkt_time":1470104382122949,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1470104382123103,"pkt":"TF4M6gNlABxCjnAxCABFAAAoUjRAAIAGjNfAqHMIt4MwkMHNAFBSJ8A8K2Hi01AQ\/\/CxaAAA"} 
@@ -696,19 +696,19 @@ 00798{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1038,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":132,"flow_packet_id":2,"flow_src_last_pkt_time":1654385120896744,"flow_dst_last_pkt_time":1654385121164319,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":255,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":255,"pkt_l4_len":221,"thread_ts_usec":1654385121164319,"pkt":"nLbQ0+MztKXvZygQCABFAADxUyNAADUGJPmsaF1cwKgCfgTS7jhhoKsw2LHzLoAYAfl7JgAAAQEICryhsD9m1jzmSFRUUC8xLjEgMTAxIFN3aXRjaGluZyBQcm90b2NvbHMNClVwZ3JhZGU6IHdlYnNvY2tldA0KQ29ubmVjdGlvbjogVXBncmFkZQ0KU2VjLVdlYlNvY2tldC1BY2NlcHQ6IC9xNHA4dFI0THBxMFc5OUR5YXRzaEViNXM0UT0NClNlYy1XZWJTb2NrZXQtVmVyc2lvbjogMTMNClNlcnZlcjogc3dvb2xlLXdlYnNvY2tldC1zZXJ2ZXINCg0K"} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127244156,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385127244156,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
00758{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_packet_id":1,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127244156,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":223,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":223,"pkt_l4_len":189,"thread_ts_usec":1654385127244156,"pkt":"tKXvZygQnLbQ0+MzCABFAADRE9lAAEAGtJXAqAJ+oXUNHbh+AFDtitlbh1f3JIAYAfZyfAAAAQEICrrF4XWXEOLhR0VUIC9hcGkuZG9tYWluLmNvbmYgSFRUUC8xLjENCkNhY2hlLUNvbnRyb2w6IG5vLWNhY2hlDQpIb3N0OiBrYW5rYW4uMWt4dW4ubW9iaQ0KQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQ0KQWNjZXB0LUVuY29kaW5nOiBnemlwDQpVc2VyLUFnZW50OiBva2h0dHAvMy4xMC4wDQoNCg=="} -01201{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127244156,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385127244156,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"kankan.1kxun.mobi","http": {"url":"kankan.1kxun.mobi\/api.domain.conf","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 
+01203{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127244156,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385127244156,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"kankan.1kxun.mobi","http": {"url":"kankan.1kxun.mobi\/api.domain.conf","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 00783{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1040,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385127293052,"flow_src_last_pkt_time":1654385127293052,"flow_dst_last_pkt_time":1654385127293052,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":270,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":270,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":270,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385127293052,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"129.226.107.77","src_port":41134,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
00891{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1040,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":134,"flow_packet_id":1,"flow_src_last_pkt_time":1654385127293052,"flow_dst_last_pkt_time":1654385127293052,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":324,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":324,"pkt_l4_len":290,"thread_ts_usec":1654385127293052,"pkt":"tKXvZygQnLbQ0+MzCABFAAE2ngNAAEAG62jAqAJ+geJrTaCuAFAAOroVfx7qtFAYAfaxfgAAR0VUIC9xcWNvbm5lY3RvcGVuL29wZW5hcGkvcG9saWN5X2NvbmY\/c3RhdHVzX29zPTExJnN0YXR1c192ZXJzaW9uPTMwJnN0YXR1c19tYWNoaW5lPXNka19ncGhvbmVfeDg2JnNka3A9YSZzZGt2PTMuMS4wLmxpdGUmYXBwaWQ9MTAwMjU4MTM1IEhUVFAvMS4xDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXANCkhvc3Q6IGNnaS5jb25uZWN0LnFxLmNvbQ0KQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQ0KVXNlci1BZ2VudDogQW5kcm9pZFNES18zMF9nZW5lcmljX3g4Nl9hcm1fMTENCg0K"} 01334{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1040,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385127293052,"flow_src_last_pkt_time":1654385127293052,"flow_dst_last_pkt_time":1654385127293052,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":270,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":270,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":270,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385127293052,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"129.226.107.77","src_port":41134,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.QQ","proto_id":"7.48","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":0,"breed":"Fun","category_id":9,"category":"Chat","hostname":"cgi.connect.qq.com","http": 
{"url":"cgi.connect.qq.com\/qqconnectopen\/openapi\/policy_conf?status_os=11&status_version=30&status_machine=sdk_gphone_x86&sdkp=a&sdkv=3.1.0.lite&appid=100258135","code":0,"content_type":"","user_agent":"AndroidSDK_30_generic_x86_arm_11"}}} 00899{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1041,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_packet_id":2,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127425884,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":330,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":330,"pkt_l4_len":296,"thread_ts_usec":1654385127425884,"pkt":"nLbQ0+MztKXvZygQCABFAAE8FLJAADQGv1GhdQ0dwKgCfgBQuH6HV\/ck7YrZ+IAYAOvWowAAAQEICpcQ45e6xeF1SFRUUC8xLjEgMjAwIE9LDQpTZXJ2ZXI6IG9wZW5yZXN0eS8xLjEzLjYuMQ0KRGF0ZTogU2F0LCAwNCBKdW4gMjAyMiAyMzoyNToyNyBHTVQNCkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtDQpDb250ZW50LUxlbmd0aDogOQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KTGFzdC1Nb2RpZmllZDogTW9uLCAwMyBGZWIgMjAyMCAwNDoyODozNSBHTVQNCkVUYWc6ICI1ZTM3YTE3My05Ig0KQWNjZXB0LVJhbmdlczogYnl0ZXMNCg0KMWt4dW4uY29t"} -01237{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1041,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127425884,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":264,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":264,"midstream":1,"thread_ts_usec":1654385127425884,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"4": {"risk":"Binary App 
Transfer","severity":"Severe","risk_score": {"total":150,"client":135,"server":15}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":7,"category":"Download","hostname":"kankan.1kxun.mobi","http": {"url":"kankan.1kxun.mobi\/api.domain.conf","code":200,"content_type":"application\/octet-stream","user_agent":"okhttp\/3.10.0"}}} +01239{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1041,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127425884,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":264,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":264,"midstream":1,"thread_ts_usec":1654385127425884,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"4": {"risk":"Binary App Transfer","severity":"Severe","risk_score": {"total":150,"client":135,"server":15}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":7,"category":"Download","hostname":"kankan.1kxun.mobi","http": {"url":"kankan.1kxun.mobi\/api.domain.conf","code":200,"content_type":"application\/octet-stream","user_agent":"okhttp\/3.10.0"}}} 
01151{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1042,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":134,"flow_packet_id":2,"flow_src_last_pkt_time":1654385127293052,"flow_dst_last_pkt_time":1654385127488169,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":518,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":518,"pkt_l4_len":484,"thread_ts_usec":1654385127488169,"pkt":"nLbQ0+MztKXvZygQCABFAAH47MNAADEGquaB4mtNwKgCfgBQoK5\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"} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385128878259,"flow_src_last_pkt_time":1654385128878259,"flow_dst_last_pkt_time":1654385128878259,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":880,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":880,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":880,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385128878259,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47246,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01722{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_packet_id":1,"flow_src_last_pkt_time":1654385128878259,"flow_dst_last_pkt_time":1654385128878259,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":946,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":946,"pkt_l4_len":912,"thread_ts_usec":1654385128878259,"pkt":"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"} 
-01573{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385128878259,"flow_src_last_pkt_time":1654385128878259,"flow_dst_last_pkt_time":1654385128878259,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":880,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":880,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":880,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385128878259,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47246,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"kankan.1kxun.com","http": {"url":"kankan.1kxun.com\/video_kankan_tags\/v2\/api\/homePageVideoCollections\/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&&_country=US&_locale=en&_=1654385125","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 
+01575{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385128878259,"flow_src_last_pkt_time":1654385128878259,"flow_dst_last_pkt_time":1654385128878259,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":880,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":880,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":880,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385128878259,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47246,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"kankan.1kxun.com","http": {"url":"kankan.1kxun.com\/video_kankan_tags\/v2\/api\/homePageVideoCollections\/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&&_country=US&_locale=en&_=1654385125","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1044,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385128878298,"flow_src_last_pkt_time":1654385128878298,"flow_dst_last_pkt_time":1654385128878298,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":871,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":871,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":871,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47262,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01711{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1044,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":136,"flow_packet_id":1,"flow_src_last_pkt_time":1654385128878298,"flow_dst_last_pkt_time":1654385128878298,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":937,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":937,"pkt_l4_len":903,"thread_ts_usec":1654385128878298,"pkt":"tKXvZygQnLbQ0+MzCABFAAObJTNAAEAGoHHAqAJ+oXUNHbieAFDTi3nFmPV9m4AYAfZ1RgAAAQEICrrF59eXEOkZR0VUIC92aWRlb19rYW5rYW5fdGFncy92Mi9hcGkvbWVzc2FnZXM\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"} 
-01563{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1044,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385128878298,"flow_src_last_pkt_time":1654385128878298,"flow_dst_last_pkt_time":1654385128878298,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":871,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":871,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":871,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47262,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"kankan.1kxun.com","http": {"url":"kankan.1kxun.com\/video_kankan_tags\/v2\/api\/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&&_country=US&_locale=en&_=1654385125","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 
+01565{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1044,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385128878298,"flow_src_last_pkt_time":1654385128878298,"flow_dst_last_pkt_time":1654385128878298,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":871,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":871,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":871,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47262,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"kankan.1kxun.com","http": {"url":"kankan.1kxun.com\/video_kankan_tags\/v2\/api\/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&&_country=US&_locale=en&_=1654385125","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 
00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":1470104381217586,"flow_src_last_pkt_time":1470104426277904,"flow_dst_last_pkt_time":1470104381217586,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":133,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1197,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.37","dst_ip":"239.255.255.250","src_port":57325,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00966{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104399652689,"flow_src_last_pkt_time":1470104400059395,"flow_dst_last_pkt_time":1470104399652689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.48","dst_ip":"224.0.0.252","src_port":59797,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 
00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1470104414395988,"flow_src_last_pkt_time":1470104414395988,"flow_dst_last_pkt_time":1470104414402314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":247,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":247,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.16","dst_ip":"168.95.1.1","src_port":63372,"dst_port":53,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DNS.Line","proto_id":"5.315","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 
@@ -750,7 +750,7 @@ 00971{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":1470104373232309,"flow_src_last_pkt_time":1470104430168012,"flow_dst_last_pkt_time":1470104373232309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":133,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":133,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1862,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.57","dst_ip":"239.255.255.250","src_port":55809,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104412556037,"flow_src_last_pkt_time":1470104412962283,"flow_dst_last_pkt_time":1470104412556037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":33,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":33,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":66,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip6","src_ip":"fe80::9bd:81dd:2fdc:5750","dst_ip":"ff02::1:3","src_port":64568,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 
00967{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104429964666,"flow_src_last_pkt_time":1470104430065682,"flow_dst_last_pkt_time":1470104429964666,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":26,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":26,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":52,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.57","dst_ip":"224.0.0.252","src_port":64428,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01229{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":20,"flow_dst_packets_processed":13,"flow_first_seen":1470104380890420,"flow_src_last_pkt_time":1470104382084909,"flow_dst_last_pkt_time":1470104381881083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":445,"flow_dst_max_l4_payload_len":1260,"flow_src_tot_l4_payload_len":3612,"flow_dst_tot_l4_payload_len":6271,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"42.120.51.152","src_port":49609,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": 
{"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +01231{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":20,"flow_dst_packets_processed":13,"flow_first_seen":1470104380890420,"flow_src_last_pkt_time":1470104382084909,"flow_dst_last_pkt_time":1470104381881083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":445,"flow_dst_max_l4_payload_len":1260,"flow_src_tot_l4_payload_len":3612,"flow_dst_tot_l4_payload_len":6271,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"42.120.51.152","src_port":49609,"dst_port":8080,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104420438972,"flow_src_last_pkt_time":1470104420540216,"flow_dst_last_pkt_time":1470104420438972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":25,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":25,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip6","src_ip":"fe80::5d92:62a8:ebde:1319","dst_ip":"ff02::1:3","src_port":61172,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00970{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":1470104397807877,"flow_src_last_pkt_time":1470104414604155,"flow_dst_last_pkt_time":1470104397807877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":959,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.48","dst_ip":"239.255.255.250","src_port":49701,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 
00969{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1470104393610238,"flow_src_last_pkt_time":1470104393610238,"flow_dst_last_pkt_time":1470104393610238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":50,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":50,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.45","dst_ip":"192.168.255.255","src_port":59461,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 
@@ -762,7 +762,7 @@ 01097{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104379579523,"flow_src_last_pkt_time":1470104379579704,"flow_dst_last_pkt_time":1470104379579523,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":221,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":244,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":465,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.67","dst_ip":"192.168.255.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00966{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104381217455,"flow_src_last_pkt_time":1470104381626995,"flow_dst_last_pkt_time":1470104381217455,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":26,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":26,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":52,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.37","dst_ip":"224.0.0.252","src_port":56366,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": 
{"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00967{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104412556263,"flow_src_last_pkt_time":1470104412962345,"flow_dst_last_pkt_time":1470104412556263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":33,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":33,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":66,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.49","dst_ip":"224.0.0.252","src_port":64568,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01227{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":3,"flow_first_seen":1470104380188079,"flow_src_last_pkt_time":1470104380928909,"flow_dst_last_pkt_time":1470104380732533,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":158,"flow_dst_max_l4_payload_len":392,"flow_src_tot_l4_payload_len":316,"flow_dst_tot_l4_payload_len":397,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"218.244.135.170","src_port":49607,"dst_port":9099,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std 
Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +01229{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":3,"flow_first_seen":1470104380188079,"flow_src_last_pkt_time":1470104380928909,"flow_dst_last_pkt_time":1470104380732533,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":158,"flow_dst_max_l4_payload_len":392,"flow_src_tot_l4_payload_len":316,"flow_dst_tot_l4_payload_len":397,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.115.8","dst_ip":"218.244.135.170","src_port":49607,"dst_port":9099,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
00965{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104381935396,"flow_src_last_pkt_time":1470104382038651,"flow_dst_last_pkt_time":1470104381935396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.5.9","dst_ip":"224.0.0.252","src_port":58456,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00968{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":1470104381935187,"flow_src_last_pkt_time":1470104382036037,"flow_dst_last_pkt_time":1470104381935187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":27,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":27,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":54,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip4","src_ip":"192.168.101.33","dst_ip":"224.0.0.252","src_port":58456,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 
00976{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1045,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1470104399959547,"flow_src_last_pkt_time":1470104399959547,"flow_dst_last_pkt_time":1470104399959547,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1654385128878298,"l3_proto":"ip6","src_ip":"fe80::e034:7be:d8f9:6197","dst_ip":"ff02::1:3","src_port":62756,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 
@@ -862,7 +862,7 @@ 04261{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1046,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_packet_id":2,"flow_src_last_pkt_time":1654385128878259,"flow_dst_last_pkt_time":1654385129190409,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":2812,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":2812,"pkt_l4_len":2778,"thread_ts_usec":1654385129190409,"pkt":"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\/084Nlxi+eHVyGi4L3ffvbv3735V\/wtqvVelOu8aeG\/yKeHSzXi4D\/XcP5uuDVRTgri6uweYX3vdpsrp6fHp8eXy3TEb3+9ObyKK0uTo\/fLHNZLV6HS\/w7Pb59y\/r0+Lqcl7Au+I49nR5rL2QXWHAIKpoiZWDJKmpvDRGzcMpaOvrZ1Rk+13XZLC\/D4v8jvrwKeWppMiEI8ilFp4TTOrKw1gjnrDdkndmuO50v0+vFzfU5Lvb1zeXuem8v5VFcnvW39P61T\/cu7w8OF8vLRbi6OvnfvThc3ORlPikmxyxF7CTUO6Wi6rzV1BlJpFyQJRd\/uHhzwkfuiI\/oELc7vcZtP8HNPVqncll+Hj47Gv7kxSqX85N1fr04u3q1uiyLT505XKzenBDeGa\/DZT75yWp1dl4OF\/j+erXExcwn0Rd2WLLUKrP2+OVZwI91SCaIWjuXyXXKxtQFL7hjR5yqSKypHG5Odky7nvVrfLzF5rMroExvn23h1qYRuuL0GB+bOwFgiwvs8HwZxaIkQ7m4qCzWYKpugu5I8SnR3UkrbVKsjq3VNjuncRWSsdlQLeyz3BPdrcyM0VW6DbnOw+iSVR3l7IurMgBfp4XwFCmbYAVTAc2pBbljxSckdyftTNYSa\/TeWoEnNVjy0ojINeT+1X7kDjIzJpcEfIwG\/gIRrEJnqIfTKqtM4lh9imQrvlDBS1jkBtiOEn6ILDan+zv4B27ft6IknRBzROnlsINj\/966p\/\/54z\/e\/fpXj7inLFr5p+b0WFlBXSGVhXKUXI2wloqt1yFGuGkpB84tmGM\/UvwhdzvQRvvlg7QMVHUMmfDM+aQUQoj+6dOqKCOUUvuZymGFHz\/f\/n3+qbNNLCV7bPIgV3VaELznnEJKglOSoSonZcpUsuXgagNrOVp8SnKHdVchVBBS2KCrd5KTyMJh3SWT0DIPbvl9uzwmstrKzJncVoGVuyVXdrhfNXOMOinY2upzciVKn4VU3qnUxuaOFJ+S3EHaah10ccXaKr0UQiL\/YaV12HZ0SWF4Yp9K7lZmzuS6RjZX35IrOhaZTZIccyUVkddxqoSQk0JYVZIKTWzuSPEpyR2kvRMxJa6pwj2w2iM9g4xjikkJhFe0r7ewlZkzudyIXHtLLnfZKgqOmWqNiK8QXLlAJgebKnIC3CYPO1J8SnIHaR9sjBmuEhlKwnukQLXOpFKfDxA07DVPtblbmTmSu4vjSN4Fcn\/+w+OBHNk2ToUUt7seyU5lVbSKpXBkDZNUkedGnjaTtARPcXALpyw0jBafDvA76QRbLIRR2URVWcsiatEmC+0KB2H9XoHcTmaOgG8LDb4VubehOInOcVLMRlXZx3MmpeSMo1itTSpF04bckeJTkjtIB5uly4hdLb5jV+BQ2KicqLGyCn7Ykp5mmqXYysyZ3DYpCITevVNBSJ5FFBJJW
VM0\/EASyhZlHWIaYcGzKw3c4dHiU5I7rNvYSCIwV8lGiByV1CZEKkpaVZBB3NPmbmXmSO7OqYA\/PCSH\/\/TPd\/\/6+pHkMBk4Hg2KEVIy+HZedZH6xEQmhHs+CoEami5VoJ0hoapWaKgnTepTjBWfkO+dNMskVF81833ngsqOnUBumFDHj8WGuB\/fg8wc+d76FA6tOU3IRdsNyEWKzUvFQYpiQkLMpxKKaUJTRZMFRfDbwjLLkeJTkjtIhwCzHBDb1pJ1qOi1KeQsHCqKtlIadqQn+hTDCmdMrm3TuyAlCsAgl7qAKhQ49UEoklGQYrxGkgIFfckiDI1T09rckeJTkjtIV1ctkmpJo9PIuEQiG4tHFYFd8VkZt6fN3crMkdw7nwLF5KEh8puv\/v3FV486FY0qzgp3oJPwKjxSb2xICYocjGarUYqNpRqnWoR6PEb4Idi4RPeN5a7w\/D0Nir0owSvmOQK361BsVI4wqFF2kbNURGBHBOvJes8AyGr0mMJoWNFgh+cxwpOh1IuiWYbsnFEybRxGtr1Vcja6gIyhYC7BRYFSgTAeyVMuse8rb4HSGOGHKO3M0Af1v7xaXZQXaG\/+ZFMu1j9eXb\/ou5gBlaHukxc\/\/FHnInxFL7LUVqCnQEcn0E1gScmCH5XHtt7dB\/geO9gvk6SRas7w6jZNg2zh9XdwEgO2T8HIQVlGhBqwqwZjbCi+km5Skh0j\/BDeJ26pvShmPFjPEaWdD0dgaUgMffn1d3\/7xWM+nG6UGDIKwAUk+BKaBqOrTFKwR9NRyDZZGAt0Yw1p60kDlDHCUwEne1Ficn6OwA0+nGuFEnoeULeTyDEilRxLVD57YauXmuHs1KwULBkK9Q02X2lGik+H1FZ4zkRp1Sb3Z1DwwuOKFAqaQRNcmegBGJrpk65SYv5MUULLjrQttkQ5Wn06poZ1zxGq3b6IUt92W3z3my++\/ebR1IZok7tT3D\/V1mCIz5OUqmCEQ7IUMjMabZDKwxevK5mhbjDl1jha\/CF3O1\/+g4KJuyHXO+kQTES8hCfNx5or2jAQQChMWVqHSpEfAqj7iZQPb0neyXz8fL9\/2FO0acLAuMcturIrSnj0CsWig0PaOWDSMaGbCH3mcO3QRdRgGx4tPiW6w7o1C0zdpoxuIU7FGFcVWczAlISqNschI\/lUdLcyc0aX2ySUURe5Rdd2psaIYi1hnqxmJGzQoqtDCV5plBHyzvpMa3VHik+J7iCNwY8UseMYjCcn5NMxZh5SyTWghYoxtrx9ZJ+K7lZmzuiqNllHxWjahMOgu4SjAHAoBOIeRVribAj0z9RK8Fd1tlHkJlZ3pPiU6A7S2XqXhNUYBUTBr2YhHDwkHTX5mLDn7InuVmaO6O4cYr7rIHr399+9++XvH0kUsWpToZG6nyLzznTwHVDmY19Q1U0BhW30JODe4wCUhG4aNXiGU9rm0eLTAX4njYFadN33z3HJ8P6VZrQkw1y7EByFPd2KnczHD\/h7x0vJN2rulLfoYjIaOU6HOVNM5MGxwN6KUxUURtdQGUJ7stMtbLMcKz4hunfSyWj0Csn+zAFPWLFChtdK+Fg4VQOnaOxlm3crnDG6rNsMO0kpb3uIcKxQKDjrBFW3IkvyyHiZWjN2W0xfBoUzmRq4FaPFp0R3WLfxxohqskQ1QpBkbyUOm6o4CgbRHKZO90R3KzNHdF++ffn2v6mfUJ+ITQAADQowDQoNCg=="} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1047,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385129449830,"flow_src_last_pkt_time":1654385129449830,"flow_dst_last_pkt_time":1654385129449830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":916,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":916,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":916,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385129449830,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01771{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1047,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":137,"flow_packet_id":1,"flow_src_last_pkt_time":1654385129449830,"flow_dst_last_pkt_time":1654385129449830,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":982,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":982,"pkt_l4_len":948,"thread_ts_usec":1654385129449830,"pkt":"tKXvZygQnLbQ0+MzCABFAAPIWPdAAEAGbIDAqAJ+oXUNHbioAFBarhYgKPds64AYAfZ1cwAAAQEICrrF6hOXEOt4R0VUIC9hcGkvbWVzc2FnZXMvbGlzdEZvcllpbmdzaGk\/Y2xpZW50LXVpZD1lNmRiZDMwYi0zYjg0LTQ0YjQtOTc1MS02MzExNDhhM2VkZTkmbWluX2lkPTAmYWNjZXNzX3Rva2VuPSZfYnJhbmQ9R29vZ2xlJl9tb2RlbD1zZGtfZ3Bob25lX3g4NiZfb3Y9QW5kcm9pZDExJl9jcHU9aTY4NiZfcmVzb2x1dGlvbj0xMDgwJTJDMTc5NCZfcGFja2FnZT1jb20uc2NlbmV3YXkua2Fua2FuJl92PTIuOC4yLjEmX2NoYW5uZWw9MWt4dW4mX2NhcnJpZXI9MzEwMjYwJl9hbmRyb2lkX2lkPWI5ZTI4Nzc2MzU0ZDI1OWUmX25ldHdvcms9d2lmaSZfYWlkPTVhYzZhMGZmLThkMTgtNDdiYy1hOTAyLTI4MTJjZjBjMjUxZSZfdWRpZD1lNmRiZDMwYi0zYjg0LTQ0YjQtOTc1MS02MzExNDhhM2VkZTkmJl9jb3VudHJ5PVVTJl9sb2NhbGU9ZW4mXz0xNjU0Mzg1MTI1IEhUVFAvMS4xDQpDYWNoZS1Db250cm9sOiBuby1jYWNoZQ0KQ2xpZW50LUJyYW5kOiBHb29nbGUNCkNsaWVudC1EZXZpY2U6IHNk
a19ncGhvbmVfeDg2DQpDbGllbnQtT3M6IEFuZHJvaWQxMQ0KQ2xpZW50LUNwdTogaTY4Ng0KQ2xpZW50LVJlc29sdXRpb246IDEwODAsMTc5NA0KQ2xpZW50LVBhY2thZ2U6IGNvbS5zY2VuZXdheS5rYW5rYW4NCkNsaWVudC1WZXJzaW9uOiAyLjguMi4xDQpDbGllbnQtU291cmNlOiAxa3h1bg0KQ2xpZW50LVNpbTogMzEwMjYwDQpDbGllbnQtQW5kcm9pZElkOiBiOWUyODc3NjM1NGQyNTllDQpDbGllbnQtQ291bnRyeTogVVMNCkNsaWVudC1MYW5ndWFnZTogZW4NCkNsaWVudC1VaWQ6IGU2ZGJkMzBiLTNiODQtNDRiNC05NzUxLTYzMTE0OGEzZWRlOQ0KSG9zdDogbWVzc2FnZXMuMWt4dW4ubW9iaQ0KQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQ0KQWNjZXB0LUVuY29kaW5nOiBnemlwDQpVc2VyLUFnZW50OiBva2h0dHAvMy4xMC4wDQoNCg=="} -01610{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1047,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385129449830,"flow_src_last_pkt_time":1654385129449830,"flow_dst_last_pkt_time":1654385129449830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":916,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":916,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":916,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385129449830,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47272,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"messages.1kxun.mobi","http": 
{"url":"messages.1kxun.mobi\/api\/messages\/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&&_country=US&_locale=en&_=1654385125","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} +01612{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1047,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385129449830,"flow_src_last_pkt_time":1654385129449830,"flow_dst_last_pkt_time":1654385129449830,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":916,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":916,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":916,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385129449830,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47272,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"messages.1kxun.mobi","http": 
{"url":"messages.1kxun.mobi\/api\/messages\/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&&_country=US&_locale=en&_=1654385125","code":0,"content_type":"","user_agent":"okhttp\/3.10.0"}}} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1048,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385129508270,"flow_src_last_pkt_time":1654385129508270,"flow_dst_last_pkt_time":1654385129508270,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":151,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":151,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385129508270,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"119.45.78.184","src_port":38834,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
00750{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1048,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":1,"flow_src_last_pkt_time":1654385129508270,"flow_dst_last_pkt_time":1654385129508270,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":217,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":217,"pkt_l4_len":183,"thread_ts_usec":1654385129508270,"pkt":"tKXvZygQnLbQ0+MzCABFAADLA6ZAAEAGrXvAqAJ+dy1OuJeyAFCIwHUyTW4UsYAYAfaJyQAAAQEIChuIhYJcXfQQUE9TVCAvbXN0YXQvcmVwb3J0IEhUVFAvMS4xDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXANCkNvbm5lY3Rpb246IEtlZXAtQWxpdmUNCkNvbnRlbnQtRW5jb2Rpbmc6IHJjNCxnemlwDQpDb250ZW50LUxlbmd0aDogMzcyDQpIb3N0OiBwaW5nbWEucXEuY29tOjgwDQoNCg=="} 01281{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1048,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385129508270,"flow_src_last_pkt_time":1654385129508270,"flow_dst_last_pkt_time":1654385129508270,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":151,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":151,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":151,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385129508270,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"119.45.78.184","src_port":38834,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"11": {"risk":"HTTP Susp User-Agent","severity":"High","risk_score": {"total":310,"client":275,"server":35}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.QQ","proto_id":"7.48","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":0,"breed":"Fun","category_id":9,"category":"Chat","hostname":"pingma.qq.com","http": 
{"url":"pingma.qq.com:80\/mstat\/report","code":0,"content_type":"","user_agent":""}}} 
@@ -919,29 +919,29 @@ 01210{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1149,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":2,"flow_src_last_pkt_time":1654385139579809,"flow_dst_last_pkt_time":1654385139941321,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":563,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":563,"pkt_l4_len":529,"thread_ts_usec":1654385139941321,"pkt":"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"} 00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1150,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385140171515,"flow_dst_last_pkt_time":1654385140171515,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":765,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":765,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140171515,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01569{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1150,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140171515,"flow_dst_last_pkt_time":1654385140171515,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":831,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":831,"pkt_l4_len":797,"thread_ts_usec":1654385140171515,"pkt":"tKXvZygQnLbQ0+MzCABFAAMxxydAAEAG\/ubAqAJ+oXUNHbFEAFArm5Oyz2Zv74AYAfZ03AAAAQEICrrGE\/SXERVjR0VUIC9kZXRhaWw\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"} 
-01623{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1150,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385140171515,"flow_dst_last_pkt_time":1654385140171515,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":765,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":765,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140171515,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/detail?id=27159&sytjdt&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=1654385139","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01625{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1150,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385140171515,"flow_dst_last_pkt_time":1654385140171515,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":765,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":765,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140171515,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/detail?id=27159&sytjdt&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=1654385139","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
02485{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1151,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":2,"flow_src_last_pkt_time":1654385140171515,"flow_dst_last_pkt_time":1654385140551907,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_usec":1654385140551907,"pkt":"nLbQ0+MztKXvZygQCABFAAXUeftAADQGVXChdQ0dwKgCfgBQsUTPZm\/vK5uWr4AQAO+9VgAAAQEICpcRFhe6xhP0SFRUUC8xLjEgMjAwIE9LDQpTZXJ2ZXI6IG9wZW5yZXN0eS8xLjEzLjYuMQ0KRGF0ZTogU2F0LCAwNCBKdW4gMjAyMiAyMzoyNTo0MCBHTVQNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sDQpUcmFuc2Zlci1FbmNvZGluZzogY2h1bmtlZA0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KTGFzdC1Nb2RpZmllZDogVHVlLCAxMCBNYXkgMjAyMiAwNzoxNzo1NyBHTVQNCkVUYWc6IFcvIjYyN2ExMWE1LTFhZmQiDQpDb250ZW50LUVuY29kaW5nOiBnemlwDQoNCjk0NQ0KH4sIAAAAAAAAA+1ZzXPjthW\/+6\/A8hBKYxIk9S3LtGfX3kkz2a\/uutN2NB4NREIyZArgkpBlxfa5nZ46PeTQe0+9Z9Imf85urv0X+gCQEuWP7qbNTJJJPR6TAB8e3jceft5\/dPzy6OT3r56iMzlP0KvfPHn22RGyXM\/7bfPI845PjtHvfnXy\/BkKsI9OMsJzJpngJPG8py+sHYSsMynTPc9bLpd42cQim3onr71LxS1Qy4tXV1bW4ljG1sHOviJSD0riA2C1P6eSgBwydenbBbsIrSPBJeXSPVml1EKRGYWWpJfSU4sHKDojWU5luJATtzdAkiY0PROchlxY3oYpJ3MaWheMLlORSSW3+VmzXLJYnoUxvWARdfXAQYyDriRx84gkNAQDOGhOLtl8Md+aArJbU4ucZpqEjGHhfZJkdEKzjGYVpUTGpoyDWcAQCePn6AyIQsuL8twjaYrheRi0+n7bQhLMUVgBZi2U0SS0crlKaH5GqSwUrzKZ5V6+ZCnNigeeM644fhSv\/UeuC0LlUcZSiUi+4hHKswhk81IyBec18FSIKey+4jGLiAoQHIl58dWDzUmcj1eGCM9y62DfM9wOXFcrXPDWXFUA5BBR6QXOxdlCc4qYXM1ywQ8ZNa6usFAGK9ZXDDMjF8TMWgdoyXgsljhKxAKeSY7CO1PX11cQR5Lxab53dePkksiFersZrFdhcAOLQ6vhN3y\/HfSbrb5V+ZouxgmLRud0FVo+bY07vd44GkfNqN0nzaAx7nf9dp9OYHHUa1Hapj06Dvx2L+4EjV43isbjSTQJSK9NSMMaoNpkwSNlytrSiZ3cSRxWv1oOk9NQ\/bm+Hp4O1AtOF\/lZ7cqeyjkGoTNp73G6RMdE0lodT6k8YXN4c+gFJNKeJpvl9k19cEEyNAljRfI0oXP4mj9ZnZDpC0iVWl4f+qfODD5HGQVWBQXMO3ESJo9COyaSPCMrmtmH9idJaO8me7Y9mGEdHqHMFhQGyp926U+Sso0HMGEqLpTUs\/wQrGrvst04GUxwSjKQ5YWIKWYcEkk+oROR0drMmdQHN\/Wa8aUTi2ihhHZs42XbqYjk2J+e
PHfbjfbz1vOmXR+gdbztfDBa1rUBmSAvxX\/7BZQVnWR4Ktl8iiPu6TlPpJSDct7baJQIEtNMhThSBnKLiAn8oN3tNpt+MZ3RmGU0kouMhbqAqnhX9iHndE74lOigX9KxlwgoCr9++5oCLYdqUZQ7S9c7C20SaWfnnjQNbe0OW2uydoQq1SYXJZmChVXNy\/WOMNZeSSWoYG+Yb2ep0Sx2o4SBA0IrIi7Evtvq9IJu0Gp3m61mM+j0rGqpKK34PxeMe\/Xc9lROo0VGQSSoOniKYwGJSUHY6BxzKr0tJSt1RClZiQ4TyJZ+WNsbfKQBK7zvMN5m+F9KvJFWFVFU1rS1bzdlbjN1fY2uonm8h4anNwO9av0Nw7wpJ+vSU0dXmgahDVVMJ4zTN4mQNdtrBJ1Otxv0G93AK4N3lEuw9WrUbPuXbX8UBEHXdtBwCGMHtaGuIHuSLFisJjstmGt21OSw2TDfFUHMLtxpKl0S"} 02189{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1152,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":3,"flow_src_last_pkt_time":1654385140171515,"flow_dst_last_pkt_time":1654385140556480,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1267,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1267,"pkt_l4_len":1233,"thread_ts_usec":1654385140556480,"pkt":"nLbQ0+MztKXvZygQCABFAATlefxAADQGVl6hdQ0dwKgCfgBQsUTPZnWPK5uWr4AYAO+qDAAAAQEICpcRFhe6xhP0u0Gn2Wk3A7\/T7fd6rm\/XMYnjNyZsaxuxjL9r9brRqipx+QlDnkIovIEin9DX0GNAPtf+E30kkoSkOX06T+XqmF3k91EXTIs8Kimgwir3lOecejeF6qflqjHhnGZ3XLXllrXbPuChwO81Gv7\/PZRAGwvHww+UTBz6qQs6gsoPnkrW2bRJoTJtIINa\/b6Dgk5fZdPahfenU9Dst3o\/X2dtHXa6izQzCLFJTbWBYoJYfnQOJy8KQ2SVFc2CiqYKfUmt6R8VlFA8bn1EqFZpXTf1tDoJFXV4Wi\/6sG3eqiibCjUi8cicl3vowQPTubvaFJeROjZHCfRwCTDK95Dqr24TQ8XZnrqpDiuDdVFS37fbhi1Lqg5xXV9B9827OkRutnZbf1NxX6XVY22ih+nvHjpVyUsTqqT6yZ89Dwn+gSPog8vuO4keWnTnQKoSFlGyToAtx\/2QjvhxTpaqqtXA+eXZ\/0c\/N34urjBHwa2i6BlQykBS5a1LX7oAVdqXTCb04Ltv\/\/7+L1\/ue2a0sw89K1L4AFz6VOsPQyAtJyu3EKLAr3U\/WEVzKqCFuSB4nslPrO6Y7szc0iqsvIj4NIppYxtV2Sl23ynK+04JkGiABas73gy632zlBjiAXw0HbeEyD66AjQRP3QZuYf\/7LEvIFyt1O\/7AGlsLdxerguuoMZStwb+NoSq31C2ZtxgZZTE04NDQ51KkhRQfwfPdN3979\/WfvvvyD++++er9n\/\/4\/h9fvfv6n\/\/69q8xBY\/ElEcrlyQJWGVHx7vp8QvngZnvkBWI28eqYSlfTcZuHp8rF38\/G+jFgPvEIsPjBY8TCjwOg04LOr9ur9v6CHZbNtX8ILrhKm1APoUirjn2ABWrXnm3Ym59\/xcMgCYcnF8uOJ6LsUaBQDlPz4wMwwe5eFUt2uru2W8GD1N7MoKAW9JYJEK
ca4QDrAmwSmHNDcABebK5nT0qm0UE0BuKHSTLa\/ASn7BzKc4fAwC+gktu\/nI8AxgnlBpNk\/ItYHNSAXTSAHQwgwHUPhNxHg4t1cRZjgVIeHQOTwbRI9lkpV45QHccUBh4j+l4MYWn4OrPZKJfI7UQkLhYUZOEEUU5zcQihac5749ARabIYparW24xPnWUEABtPubxsUKdw1K7mnRo\/UoO6elmCsamB4BZsBcHP9ceZxlZ4TQTUqjGGufgfooBE09qJJtqEC53\/Hq9DlgpIHU11Tay0B+w\/Yr6OKF8Ks8GbHe3fkugGoy1kIWlhuy0PlA0pVU24sn6VbkDDRXJiBWmdjjsyO\/bkd+zI93aj8N+mQbYEL3RX1Sh2uxKHV6\/MlptwLoyArDUEaGDiwU97qXskiaehltzlbJalRErxAWY2WwBkoPhh8Y9eoBHi5Dp7UcQUUo5uaHWbtotkV1DJQyV2FAJxZOrsQ5IEZYo6S0Y1zLBbtUHAt+PmTuiQHIf+fCqjg22ax1C3qgDbpfuWp8kbAxvJvLJZqN74eT1foAqD8iDEK9wSB1AKY04KQMoN9Tsox6k+ecnR\/7Lz5uPX79qfxY8\/xQw3TWVSiuDutyU4DAq9QYkCRgp6vX5rs5E\/c+jg51\/A9YbBkX9GgAADQowDQoNCg=="} 01130{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1153,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":4,"flow_src_last_pkt_time":1654385140580140,"flow_dst_last_pkt_time":1654385140556480,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":502,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":502,"pkt_l4_len":468,"thread_ts_usec":1654385140580140,"pkt":"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"} 
02501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1154,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":5,"flow_src_last_pkt_time":1654385140580140,"flow_dst_last_pkt_time":1654385140772217,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_usec":1654385140772217,"pkt":"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\/yLnWXWqbt1Xk5wdLaXdZvPeqlPnfU6dOvWV97\/x1Q9\/41e+nb3zb779QefknbNH54vJ7fZ6tLyczgf72WizXpzdjCaT6fxysH92sZivOxej6+nsdvDOq1\/83Wf\/\/NPP\/\/yTz\/\/pj9958uVv5LOP8vV0PMp+Pd\/kX37ifn\/y1eV0NHuyGs1XnVW+nF6cnY\/Gzy+Xi8180hkvZovlYO\/i4KJ30T97lGU0xWr6nXzQ69+8PPv40ePtYrOeTef5YL6Y52fr\/OW6M8nHi+VoPV3MBxl++\/Gj7niWj5Zb+vfgfLG++vjR3m+uFvNtNpmubmajW34bvp0tRria7c1iNeURLqYv88nZi+lkfTXo7e9\/iecYzaaXMPw4n6\/zpQF5sLw8H717evKkd3D0pHf87En38L2zWX6xHuwDvOvFDf33Kp9eXq15OIWAQD37Tmc6n+Qv8U89D042vb7cCghHOJAOQL+4EaZzxETnfLYYPwfc7I1uboBYLzv85vEhvinEI9LBI9ej+eVosngx1+FxhW7xvHaCWhZhlvq+EOfiwkCNQLsxAbsfFQBwgy\/zGRDpozwC6enj63y+efwUxoH\/dl4sRzfbAktkexf0jwc1Y1iBuOvFNSHZYd3Q7nyxnOTLDq6od\/MyWy1m0wmMxfyluM96+31cBkxfgD5GHzyTzabb2XS17qzWt7OcWe7sAhhpPUAQhHX6R0nOcdjIFB0yM4xqqP4MqGL+sLoZzbeO7ExvhoyW1jkGQntRyXpH8LvI0hH9Y8bqLvPJzWI6X7sBAzYS5B0YpsPPHu7ROWBxswbZA6Sewp+WxNsHALFgewkitVkNsh6+aJB8YJhJRB2wMJHX4HlDIaY2iXcoemaZODmv0rEHyYMIC82vC++Oxsh7GWFSX9rfHx8+O48f8QjS55j3Pn70aA8lB1VGQV94jmWNsP+EflAbeAz09q1eUZlGCXS8a\/gZ4NLpMvdpeD1aPS\/jUtHQhv\/tHI6EynnIYSUzZHvj2WKV+2U6qit\/fEno3keykwwe7qO+qR3TcDmq16rnFbghsJoHxYFvF9d0mGh2z9dugUqBypU4yPhpD1wWj3OMSGGkoVAToXtHzZbNg8cgIx+irkKN0b1aXOdoLAz\/ZZvl7N13ut2n0+vRZb56io8M8YXuzfzynffA7nSW+U0+WltxdMyR9VAMO0fPAGw\/aIdscHbQh9WwGyDIP0BVI0qS\/8BrzU7gSSCKA3Q8WueXi+Xt\/QLbeXbyINCuwH0YX90zrL1jQNYDoPb6vpHaPwLNfc+AqgJ+KI5FMbsvfnWwPiTTPgjAD8i3DwLvA7Hu\/cD66Onj2QIiH\/RNfw0\/vA8Bzwg87iUYYAyJ"} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1158,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140779083,"flow_src_last_pkt_time":1654385140779083,"flow_dst_last_pkt_time":1654385140779083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":443,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":443,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":443,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140779083,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45388,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01139{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1158,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140779083,"flow_dst_last_pkt_time":1654385140779083,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":509,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":509,"pkt_l4_len":475,"thread_ts_usec":1654385140779083,"pkt":"tKXvZygQnLbQ0+MzCABFAAHvAsFAAEAGxI\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"} 
-01401{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1158,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140779083,"flow_src_last_pkt_time":1654385140779083,"flow_dst_last_pkt_time":1654385140779083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":443,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":443,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":443,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140779083,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45388,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/swiper\/swiper.min.css","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01403{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1158,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140779083,"flow_src_last_pkt_time":1654385140779083,"flow_dst_last_pkt_time":1654385140779083,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":443,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":443,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":443,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140779083,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45388,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/swiper\/swiper.min.css","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1159,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140794335,"flow_src_last_pkt_time":1654385140794335,"flow_dst_last_pkt_time":1654385140794335,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":424,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140794335,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45398,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01114{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1159,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140794335,"flow_dst_last_pkt_time":1654385140794335,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":490,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":490,"pkt_l4_len":456,"thread_ts_usec":1654385140794335,"pkt":"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"} 
-01396{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1159,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140794335,"flow_src_last_pkt_time":1654385140794335,"flow_dst_last_pkt_time":1654385140794335,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":424,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140794335,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45398,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/dependency-all.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01398{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1159,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140794335,"flow_src_last_pkt_time":1654385140794335,"flow_dst_last_pkt_time":1654385140794335,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":424,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140794335,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45398,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/dependency-all.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1160,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140824396,"flow_src_last_pkt_time":1654385140824396,"flow_dst_last_pkt_time":1654385140824396,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":416,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":416,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":416,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140824396,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45414,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01102{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1160,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140824396,"flow_dst_last_pkt_time":1654385140824396,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":482,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":482,"pkt_l4_len":448,"thread_ts_usec":1654385140824396,"pkt":"tKXvZygQnLbQ0+MzCABFAAHUlAtAAEAGM2DAqAJ+oXUNHbFmAFDqwyBTbdxR+IAYAfZzfwAAAQEICrrGFoGXERfuR0VUIC9qcy9mYi1zZGsuanMgSFRUUC8xLjENCkhvc3Q6IG1hbmdhd2ViLjFreHVuLm1vYmkNCkNvbm5lY3Rpb246IGtlZXAtYWxpdmUNClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCAxMTsgc2RrX2dwaG9uZV94ODYgQnVpbGQvUlNSMS4yMDEwMTMuMDAxOyB3dikgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgVmVyc2lvbi80LjAgQ2hyb21lLzgzLjAuNDEwMy4xMDYgTW9iaWxlIFNhZmFyaS81MzcuMzYNCkFjY2VwdDogKi8qDQpYLVJlcXVlc3RlZC1XaXRoOiBjb20uc2NlbmV3YXkua2Fua2FuDQpSZWZlcmVyOiBodHRwOi8vbWFuZ2F3ZWIuMWt4dW4ubW9iaS8NCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQWNjZXB0LUxhbmd1YWdlOiBlbi1VUyxlbjtxPTAuOQ0KDQo="} 
-01388{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1160,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140824396,"flow_src_last_pkt_time":1654385140824396,"flow_dst_last_pkt_time":1654385140824396,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":416,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":416,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":416,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140824396,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45414,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/fb-sdk.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01390{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1160,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140824396,"flow_src_last_pkt_time":1654385140824396,"flow_dst_last_pkt_time":1654385140824396,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":416,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":416,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":416,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140824396,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45414,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/fb-sdk.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1161,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385140835391,"flow_dst_last_pkt_time":1654385140835391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":434,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":434,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140835391,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01126{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1161,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140835391,"flow_dst_last_pkt_time":1654385140835391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":500,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":500,"pkt_l4_len":466,"thread_ts_usec":1654385140835391,"pkt":"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"} 
-01406{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1161,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385140835391,"flow_dst_last_pkt_time":1654385140835391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":434,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":434,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140835391,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/vendor.bundle.js?1644807874","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01408{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1161,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385140835391,"flow_dst_last_pkt_time":1654385140835391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":434,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":434,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140835391,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/vendor.bundle.js?1644807874","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1162,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140836422,"flow_src_last_pkt_time":1654385140836422,"flow_dst_last_pkt_time":1654385140836422,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":436,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":436,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140836422,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45422,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01131{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1162,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140836422,"flow_dst_last_pkt_time":1654385140836422,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":502,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":502,"pkt_l4_len":468,"thread_ts_usec":1654385140836422,"pkt":"tKXvZygQnLbQ0+MzCABFAAHoPA1AAEAGi0rAqAJ+oXUNHbFuAFD4VTA0r32OCIAYAfZzkwAAAQEICrrGFo2XERf6R0VUIC9qcy9hcHBsaWNhdGlvbi5taW4uanM\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"} 
-01408{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1162,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140836422,"flow_src_last_pkt_time":1654385140836422,"flow_dst_last_pkt_time":1654385140836422,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":436,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":436,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140836422,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45422,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/application.min.js?1644808200","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01410{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1162,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140836422,"flow_src_last_pkt_time":1654385140836422,"flow_dst_last_pkt_time":1654385140836422,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":436,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":436,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":436,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140836422,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45422,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/js\/application.min.js?1644808200","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1163,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140850557,"flow_src_last_pkt_time":1654385140850557,"flow_dst_last_pkt_time":1654385140850557,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":414,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":414,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":414,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140850557,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45424,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01098{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1163,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":1,"flow_src_last_pkt_time":1654385140850557,"flow_dst_last_pkt_time":1654385140850557,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":480,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":480,"pkt_l4_len":446,"thread_ts_usec":1654385140850557,"pkt":"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"} 
-01381{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1163,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140850557,"flow_src_last_pkt_time":1654385140850557,"flow_dst_last_pkt_time":1654385140850557,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":414,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":414,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":414,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140850557,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45424,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":17,"category":"Streaming","hostname":"tcad.wedolook.com","http": {"url":"tcad.wedolook.com\/js\/websdk.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01383{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1163,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385140850557,"flow_src_last_pkt_time":1654385140850557,"flow_dst_last_pkt_time":1654385140850557,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":414,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":414,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":414,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385140850557,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45424,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":17,"category":"Streaming","hostname":"tcad.wedolook.com","http": {"url":"tcad.wedolook.com\/js\/websdk.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
02302{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1168,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":2,"flow_src_last_pkt_time":1654385140779083,"flow_dst_last_pkt_time":1654385140963152,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1363,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1363,"pkt_l4_len":1329,"thread_ts_usec":1654385140963152,"pkt":"nLbQ0+MztKXvZygQCABFAAVFItxAADQGrR6hdQ0dwKgCfgBQsUzC7TqsQ\/Mw2YAYAOvLegAAAQEICpcRGHq6xhZUSFRUUC8xLjEgMjAwIE9LDQpTZXJ2ZXI6IG9wZW5yZXN0eS8xLjEzLjYuMQ0KRGF0ZTogU2F0LCAwNCBKdW4gMjAyMiAyMzoyNTo0MCBHTVQNCkNvbnRlbnQtVHlwZTogdGV4dC9jc3MNClRyYW5zZmVyLUVuY29kaW5nOiBjaHVua2VkDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQpMYXN0LU1vZGlmaWVkOiBGcmksIDE2IE9jdCAyMDIwIDA3OjExOjEwIEdNVA0KRVRhZzogVy8iNWY4OTQ3OGUtYzJlIg0KRXhwaXJlczogRnJpLCAwMiBTZXAgMjAyMiAyMzoyNTo0MCBHTVQNCkNhY2hlLUNvbnRyb2w6IG1heC1hZ2U9Nzc3NjAwMA0KQ29udGVudC1FbmNvZGluZzogZ3ppcA0KDQozYmYNCh+LCAAAAAAAAAO1Vm1v2zYQ\/mz9ivvSpTMkS0kLrFCQAe1eiqApECzFin1kJMoiIpMCSUW2i\/z33VEvlj1JGZbOH+KYvHv48Lnj3YVLD5ZwV4uSa7hY\/bSK6PdndS8KDlZVSQ6mECluMplCptmG10o\/QC1sDjnTac00B5YkvOCaWZ6C1UwaYYWSBqEILbe2jMOwruuVSJlcc61WlQkbXPx2h4et8S+q3Gmxzi1cROdRgH\/e+vBnwVKxERo+4ZEF25QiFYT8Jecgfu0hZw5r0W9EwqVBlpWkO328vYEf4PP1l3b7D7wFo20lY3hfrStj4U3kE5W33jL0wiVcvezjfWBGJJ3gd3ZXcAPeyzCvrpDaqpExSJS0TEi83DdvsWF6LWQcAausuvQWpWoiE2teMCseOa6pR66zQtVxLtKUS1wJan7\/IGxwz5KHjCU8eBRGYEIIuxsYbdT+OQvzjIGa3589H0Pxu9iCyuCrYwtZIZIHroVcA8qx2AcCQ7yNzy+9p16cWrOSEh2lGZOiFqnN4\/MoejVQ4ZDPQakVeqMKnUJuL1N640PBM+vjiynHXdMKXwe+iTgypwbkHzskjAl\/k76Oyq0f+dGPp4buUQUWH4JcB1klEwdICYuWGDaKyCjbfmOEar\/XoJ\/w7HdnSfZWzzFU4\/za5RF2Rw4n3AZek\/Id+U8oF4wCNVEotxQF0taMU+\/WR7h3W+PCtnjzuh4dOkHfW4zFfCIzB6bHavb2U1IOPMeJDOqG2gZG7DFLY6ByxCXWErWldKZMwX8ntid3Di8405wjSsrhZ+hK3uBVHz3M8WwEejCBqmzHZ+Zmx7az0TgynU27oeW\/PLut49AV8oMerolSPcMSzmzsyhBdrCvhk1r\/91BQF7z+7TyCr1hhVW3gNleSwzuqx9jMBr2oLt8FudJiTz2pIJbuHdFUEbCmekHJZLA7qtHohC3JimTOBbPpyfse\/fgvVWlIsNGrDRjXjn3IOc40
O1WB5DTQKDAlT0S2c9nsmuuZcfOQU\/\/MeJjt3Ph4F+y2rsz7wG2y+t\/6OkbgrqXUjG7I5w45xKS+twiXTSe7iLCVYDbknAaqGLCz4W80GcmfISQNfGYIiRWwwyQQao8DzFcjkC6+j5xi3iPj3ENRx9Uma0luVySoX59yaoYOHEJPENwsgsv\/gFh4CIFnvXCW8m77IEIznn3PKB4yJMB5zeJ03V6PpNjzQQbBfWUtjaHL0N2sK3aNgifeLhcO8jauTTo3AEN5WwUnIDp9RzH+Bl7SBF8uDAAADQowDQoNCg=="} 02493{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1169,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":2,"flow_src_last_pkt_time":1654385140794335,"flow_dst_last_pkt_time":1654385140978405,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_usec":1654385140978405,"pkt":"nLbQ0+MztKXvZygQCABFAAXUMwZAADQGnGWhdQ0dwKgCfgBQsVapSiuNYxvrg4AQAOsJXgAAAQEICpcRGIq6xhZjSFRUUC8xLjEgMjAwIE9LDQpTZXJ2ZXI6IG9wZW5yZXN0eS8xLjEzLjYuMQ0KRGF0ZTogU2F0LCAwNCBKdW4gMjAyMiAyMzoyNTo0MCBHTVQNCkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vamF2YXNjcmlwdA0KVHJhbnNmZXItRW5jb2Rpbmc6IGNodW5rZWQNCkNvbm5lY3Rpb246IGtlZXAtYWxpdmUNCkxhc3QtTW9kaWZpZWQ6IEZyaSwgMTYgT2N0IDIwMjAgMDc6MTE6MTAgR01UDQpFVGFnOiBXLyI1Zjg5NDc4ZS0yM2UzNyINCkV4cGlyZXM6IEZyaSwgMDIgU2VwIDIwMjIgMjM6MjU6NDAgR01UDQpDYWNoZS1Db250cm9sOiBtYXgtYWdlPTc3NzYwMDANCkNvbnRlbnQtRW5jb2Rpbmc6IGd6aXANCg0KNjAwYQ0KH4sIAAAAAAAAA9y9aXcjx7Gu+33\/ChLWpoBGkU22JJ9tsItYUqtlydZkdduSNwh5YSgMJAiQANiDCPq3n+eNHCoLBCV7n3PXvetqIGrIyjEy5oj8j6dP9vcu\/nJbLN\/vvTk5OuG\/vc1efdDYe3Z8\/EnG35OPw\/svFrfzYW89Xcyzva\/mgyMKXtzoy6PFcvx0Nh0U81Wx9+Tpf+yPbucDlav3sn7jrrboXxSDdS3P1++vi8Vo72oxvJ0VBwePvDgq3l0vlutV25ULt3nvaLgY3F4V83W7T837x41W2VDjbjqq75dFGuvJcvF2b1683Xu5XC6W9Zof5bK4uZ0ui9Veb+\/tdD6kzNvpesJdqLzWOF0W69vlfI9WGvct+1uvMfZiNJ0Xw9p+GIf7vu1+WuvJdJWVHdLI3\/SWe4O8082G+eBopRnKCq4Gi\/mgt85GXF7fribZmAu6Urz7bpRN8rv7bJpPjtaLV+vldD7OLriZ9FbfvZ1\/v1xcF8v1++xShWZ5zS1YLbvKq+36\/mvwV0ejOZVP17YW99k8f\/pz53x1fvvFyy++OH\/36XG3udm6\/+DpOFtQ7PBqdfg0u86fHtY758Pe4S\/dxtPxNLvZ3VifHv\/1mv696K2KeuP+VC3nV0fXy8V6oYXP7xy0tGYZE7BaL
28H68WydZWtihngwWWtls2K+Xg9aR1n68Wny2XvfbnCjTs\/quHRoDeb1TXdjftsXKzLMr1YaH47m+3nvfbxWa+tkp1eUz9Hrv6uLVan121VK9NqvFr3BpeVKrWKfUZyVSzHhbWrFQwDqDeyXgkxDLd4853Be24A0VfZdfFubbfhJuvfZ0VvMEnaEbz4EV4d6Z21lGkH3WdXveukaCxoQ4qdrtPF3rX7LMJDPxvE4j03czxSpQ3qNZgsa44ltyoeHvWur2fvfY+WY9uEK1Uwmi5XyQJUKyhu6seUmfV+tcjhCWWKm7IXrKKb8mTFskHe7DXrWs5+6zjO91Y\/B2f58cFB\/2zQ7uhNZ9DttjpdVT8flvVXO1ku2GZj1aVrKzDic01xa5StwEotNjI\/2epa21l3dsESgafWtAOgsOP8dVwGNyQWk7kfZkU2YtP3wkR2jrubDTt6kp+w9eNjD6wggP2T05FQWH+xmBW9eYlJxwcH9Yt8XKls4itrNhvZAww73myujqarLwKCHjc2m\/oYdNKg9TyfUt\/YAe7k8LBxOj2bnE6oCNzqdlS9KPvXmXQbDfVruDed7xWNXj7uDLusVKGf8X6eD9S9gwP9qNXvZ73p3G0OKAwNa1dNV7bRedBotOt9\/mO44MbewUH5stdo97SSrfg8rcveMn9qnhrd3NcvmGQqbb1ZTId7x743VoSnAcWPy4Wr30F3elCElicVtWZ91vymt54cLfX4qt5oHC2L61lvUNSfnn8OlqzVGtl09UPRG75v7R9nhQhNCWfA8TYRgp5k"} 02513{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1170,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":3,"flow_src_last_pkt_time":1654385140794335,"flow_dst_last_pkt_time":1654385140978819,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"thread_ts_usec":1654385140978819,"pkt":"nLbQ0+MztKXvZygQCABFAAXUMwdAADQGnGShdQ0dwKgCfgBQsVapSjEtYxvrg4AQAOu7rQAAAQEICpcRGIq6xhZj88Ui2cwNofu4HpWPHTaoBRhi1RmcMKnIEh85BGl\/wyxuNqE0ZTw6qfWESB98\/aMRvx0N7nnceXDQy6G5jrqpvW\/Z9svpYMcn++lK8d3hdW+5Kr6YLXqQnQabUp+\/vLpev3erX6nC9rrBd19w1Gu4cQPz\/sK+TtZ7x9dG+zebAO4sdpypzaZ3NF8Mi9dMnAN+N3I6Vra0Xr4X\/wCCLBH7wcH+hUOYvayWPK81kjfpByWpy2oAe6B7341qZUv3EH5Qe8TJ+yf3tHt5tHg7\/xo0adupMg17sQ\/9RjpJAYAddAMa\/c0mKXqfCVAqM+WJi1aXdW33mrVaK0xYZM16TGIAoRLN9NqTztTPRQP0Ej5rqREYuh57b7bo92Yv3\/RmZaNQtL52MXzMVb3PtDHBxbti8GqwnF6vE1ilIG\/4Nsy3yBNf3GeD3lUxE0dR1hoBe68Xt+Miq8Gs1Mr9eZ3d2FYbFt9SQ\/JxQmYdXOg9IGswomvYmK8XbwMbo4mtPtlBuEViBcUg9vxYqCtg7nG+BMxOWWFK8HfcuBO+PB2dFaeFQ6tD6nfEtdcpQJ4NeMUcDNjoL4ve5X0xg6XWN4XbG1Tyr3zxeFvGO1lTRaaff629X\/8qwCJgoKVOZjv
gIMMpgjpgri7IK1dqLiwqDueycAgtgJ8THjSvAwF3pxuaifipvqx7asJebgcGbZDV4M3gnFP4Fa\/Xg3w4ABvAsjWyAVhp\/rDNuJpaNyDT5tJvnrH7vg9bNnDbUavhmEoI3wB+c9A2knHVe1c\/zobNQaM1aB2fDs8GpwO34gOtJPuiD3vCUgd8tze4d40cnjAbYjWTeRTUuploxuaGwBrU2Ld++nYynRX1wdmwwbI2m9283xnyY8An4tdwBSI15HV3q6gfZKgyB0LY2JC8Sk80P4LIAPGINyO6Aj8TJmKS7w9Ox2ej0xEjHub7SFCdEaWANXoyOTgoTO6xp5ESF4KBhy25Vh40oH0FrwRQsDwTQ5tJi6FBbScHLcODg6lrdNg4jZtq5DYVa+h7+MgHfmIKv1MZ8RSQHd9Oh62TDAHnXSKnmMhrayU2z8PsA4hk\/esgik6\/m\/XzXtbLmRwR0S8CYwZPUx\/kXjyJLGH2rMGaxx0St1fP94x9Ih42CzJmfbsCmCwQ2JG6znolPyKNum02syLwTOJV3pZrH1prSq78vLdmxVa31xLVW5fwj15qqX3mmNQ92IV+sdxzUuxeGNiebTj7fO+HYvzy3fWe28NOTK8ZP72u1\/ZgreI4bU4nnVpnYZLVXq3Zb9a6NWB8CzezJ\/0E7glCvBwRAXNQsgVhYUJ58UeDLf6gvX\/SOtEWjQwEu7a9f9wqWSo+OaYE816b23hLpKMtfiZx5PDEwOxeQLEqFy90r5QIskk2zS6yy2yWXWXzbJFBxbJltsrW2W1eW01\/+WVW1JqHYfqzN\/QsaC2yt+zBd\/z\/Ph\/3kUl\/cT+fup\/PkmZTCqiuA4mzHGVKBp\/1Ik\/0HNnn+cnz5x+dZC+RD7ZVEF9IrfHH\/Iuj68V19qV+pcn4Klz8iQun8PgzV165kVB8Bh9wSJ9OD5x07BDp6eCsf9p3yNLEuH5Xi+C5tb2+Xzrhya\/z2mBSDC6L4cZpEbjord7PB5ve7XoxQl20siuY9vcbCeLLxWy1QZFTLDfD6arXn\/HBZDocFvPNdAX+2czgzjdXt7P19HpWbNC3zDcQ4uFiPnvPhamOaGvAi2Et+yavdc7P3z07Pj9fn58vz8\/n5+ejbi37Nq\/V261z\/jlCuXL+9rC76fxMwePjQ\/72jruNZi37Lv828i+1t7Ws9vZ3wPz3ee38vFNrftOsPanXmt82aw2q8vedJz9\/sNn\/Z7edN\/yTduvDetkUbZyff9htPGl8uDmvbb84r+nNeW1Dvd9Rb2Pjazk\/p89\/ySHNscHz"} 
@@ -961,7 +961,7 @@ 02454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1183,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":3,"flow_src_last_pkt_time":1654385141046673,"flow_dst_last_pkt_time":1654385141075345,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1494,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1494,"pkt_l4_len":1460,"thread_ts_usec":1654385141075345,"pkt":"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\/aWQ9VUEtMTU0NzU3OTI5LTU3Jz48XC9zY3JpcHQ+Iik7ZG9jdW1lbnQud3JpdGVsbigiPHNjcmlwdD4iKTtkb2N1bWVudC53cml0ZWxuKCIgIHdpbmRvdy5kYXRhTGF5ZXIgPSB3aW5kb3cuZGF0YUxheWVyIHx8IFtdOyIpO2RvY3VtZW50LndyaXRlbG4oIiAgZnVuY3Rpb24gZ3RhZygpe2RhdGFMYXllci5wdXNoKGFyZ3VtZW50cyk7fSIpO2RvY3VtZW50LndyaXRlbG4oIiAgZ3RhZygnanMnLCBuZXcgRGF0ZSgpKTsiKTtkb2N1bWVudC53cml0ZWxuKCIiKTtkb2N1bWVudC53cml0ZWxuKCIgIGd0YWcoJ2NvbmZpZycsICdVQS0xNTQ3NTc5"} 00606{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1184,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":4,"flow_src_last_pkt_time":1654385141046673,"flow_dst_last_pkt_time":1654385141076027,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":109,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":109,"pkt_l4_len":75,"thread_ts_usec":1654385141076027,"pkt":"nLbQ0+MztKXvZygQCABFAABf8DUAAPgGrdcSQE8lwKgCfgBQoa4lNFJ8AYFa4YAYAIN\/DAAAAQEICtL8K4SmALBIMjktNTcnKTsiKTtkb2N1bWVudC53cml0ZWxuKCI8XC9zY3JpcHQ+Iil9Ow=="} 
04451{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1195,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":5,"flow_src_last_pkt_time":1654385140835391,"flow_dst_last_pkt_time":1654385141204735,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":2946,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":2946,"pkt_l4_len":2912,"thread_ts_usec":1654385141204735,"pkt":"nLbQ0+MztKXvZygQCABFAAt0wQlAADQGCMKhdQ0dwKgCfgBQsWi9ChCRUtBIV4AQAOt9HwAAAQEICpcRGWy6xhdJ1P4ZNPHZYSz6gFBhe4DYHYGdSAeDl2SE4Zg0UsxG1BqwV1LiMJiwtUG+teSXcn1bfs8NT0piptaSsqo9X4ihryOf3njcmDSbUBbJkHZWBznLSCsAiWFeZYhA8C9kxr4vDT4ZAQ7Dq6O6pQH\/GTqK6jRwjwVwcDImL8TE09j9qomwL75y\/zgiG0o2sddUUjSz17TbWoRYpZZwto2Ah9QLIQBnUDMYvKx41ezlF+NZkSsdV7K2REOWveLmxqNKlDYOFEK9Ty4uTznUy1Forx8IH6x\/gebIbKYT4cT4KwuUXtDu\/jZbQcE1rvOw3ujQNG8J2pDR4hgDwLsD5ZZD+T3X8O4i6NeVR56eCtBCeJR+SqLfVAtohxnlurois8W21eQUW6dwDykR8nvmiMVaCIPtthVgre52ozDUJcpHb84l7FDZfKwGWQD4qwBj0n8nj5a4hxwhEG2p5UfFygaTjj9tKLCSyy\/949bGTn6v2WjJSkRJr2fdvxXjvNXsNJrte802OaGqAXPWdIo1ZOk3OJXMR0PGqC8Q3FqyKMazvavJqRXQlmglj1H6zcXqOS0g0dlEffAcyQoxaMSaxc0vAA19WdfkEwldO\/oW21\/w5x1iezrKB5mOfH\/FMcrzwCUp8VKepDUHgEMhljEmSwSrc4Igs5zYdlAn7OKp6EYBrlpNVr6zpszZHIBD1rzrQ8e4iAAzEus6XnxllCGGSW20FkRkOX86CGwlf3rsfs07614cQOzzeUEYWAedSXdhqbXlOAzFKpi8sthg5dBr8rkMVS1WX2zbK2Odl0G1j27l4wp3mh4jWT16sLMfe7BSi39lg6\/WNG1dfTuMLcONQOdbYrE1O5wvd4nTUJhQAIP57TuLUGVNfZJwYf5guxoXYD8rVycfTpCtLWRemDYHyavowTxxPNX0UT2sK8ZehiULm84ARCUEuPcOEmsBCi74qgIRXxPdFGWmhSZzD0JCg5XlM5JAijCC3H3C9iZ5i01JsoWSBB9Hmqnu1DRK\/JJAe61eOLRNIx7PrMv89Gr\/6XR69679QY+aDd\/j+nCSKSjJ5Lm34dqJTZkEVBZVX6xfGSGEnhtmWuWY\/vYN6QCT+28pfM\/SXELXCbMPk2+xMGTLHLh1\/HkxrRplztGkJc1QKOoo5yHnb\/Mhf4FyXhJBot3TRpV\/6j\/cwhhRr5Dz4YxTGU\/+7nGZRTqDw+CEiBE+77IwveUZQIVTeQ9FoauQcu0Nu2VodEaCZTQvAVkT2+TOHRPRxgUxkYR738iDMODpBPd358TUJKB4XuJNTggF5\/DU7LzCwhh\/d+fY1Ozsy\/cJ72\/vAlXT7C\/52Xx9W1hyR3WKnawckK6vXbSicCMQ9qYgCPKcu0bZMrGJ84fIdubWt+2O7VFMG4bBVGWP0ytv3zcd2FsFHjqHuopxaQpWxxADY
iyaJPQ0LVoQUwuygmVPEIt7M1KyVhKiFrN9\/I6MzwnhnNS0jxQ5+IoZ80C+1U9DHiBCmIHflSV4W5bX68wVB2BOTzPcATpA\/97DGFAGtWDlFEbbHZ9PnSm3BTIR+\/Wc1JT4FraaNkW8QczPvdN82N1oQlXMHDhBg0OX\/wC1Ui0PLcOo+QkutYwCbv2LpMtvqYMMDDPutuwcYQqqE\/ntIFlRXJ4yRvslU1EzYfRFWAWXVmRH9Pp6Fg8lpTNPywQak6XwP8uAcmKePOm3K4eCfrFTmY\/2x7VX416gU+liLFJUjfLbRfFWASSlPfP3d8C0yAKEnOwWAihLOe6d3xA2mcYqeDAgDfzvMBWOSIkrK5yplrTL88Cxo69yDIJESwfM2sXSbKI4xd6ywW0zQZY0VLbkxkD2sqFJxDXhZ8PT0jpWWdLcu+wkg4odhjblnoPUaZ7\/sUR2lOlMOicpbGca92VnjP1qu1ZD\/RM\/JdCtd5R0dcWMfO2FXZLGN9FdDeICrLncwSwCPgAbhbgYq8bSauxraA02S8FDEIsj95pHiRZiMH2NpXCyPJ2Glg9ZpWOGMFk31tOZjAeexgUaa9E9WDPYk3euEj6oB5cgQSL+DrjGEPIIYZv8Cz\/NxiZ4k+SR6ifjU+LV2Ds8f1EMgw483wT6ehuafnOys7bU1gZJAuFTVfXoiHW4Wc6lLFhehJH\/E8d5s6QjFip7hnu8iX+fYISZJKEhanZMQRNgWNRY+N0ovdW8zNQHJPYW4HJ8oq0Dzk8hUp1nPWEATc3pAsltbA9\/XGwPUerOD4epxfQwUA7wnDPCkFjDkERAubeVzjqHKvwgZhgxAjMQ3nfRw\/qkM0Gw0Jvx8pxQQRnmgZIzuEwAXT6TvX4Me8ZF7FIZwx\/Bt3bGFmAw8LMDWENkYAngieYxwY3oE0z3+mE9Yt7VK8xSseHsLRS1TsPUKFW16150rvwYnBctwDTFhsUNq2NVelchKNuaKnHkMotkntYDmKokz5cKgGyYgXTE6TpUw42EtSWIVjLvzmIGucVfaJPB+VwWX+hPP2ObqFIQO3KRlYaN6f4Vsbgx71XzjuXB4YGZYSFlo7SpGo059Nl+oQ6wrXFz38YRISYHCj4WOfQtPccEQd0gNGNRERbA+XRwV\/jxnS35nxrng0sw40VWeWFYTw0ckCRAgxyxgSzyCX1m8vZyP1KiH\/rPc2gtD0oSutRAKWxPAjwy2799cd65DGTgmOm8WiO2gDkPg3V+2zm31gBCqx4WqNOUOgNaz+4cE5aGmQc3lD9JP7C893GL3rv8atUAvCt0WA6Z2qUfO+FKWl3oze2pP05hIwOBnO2s2SqpSEAdJvykh5tWUifIbdqEINbMdbti0RiOyElXa2aFXXeloZx6h7x4PMvI6+PBqJdWy+GkEPGHU+cb9Icyrejas6pqxx\/or9VP+tdqBc+Ks98hCK0YSxFN3x5x1JN1yMyU3CB6MXFOF\/3N7BHoVQ7pESElojv0sliX5iP5nZJldSiRoWhwBAz6o3iGIiRncG2BkNRv3yEWpYjqah5Q8mcodW9czWTrYLLEIvrgzH8kKL+11kcDAobvYNyX5hwKwqblG+JPmyFgJmRGfIm7xk76AGZa9XLSbV5iBQs6h6RxfKhiLcHW2DFFeO3ERRwpEt0\/INO9WATEBiA4UH+UJUHajlnQPKwUkcODDaVSDTAPhXi\/YjUJo+FWk5TYujsnCNpxeJiYRx6359RkEmKKRfSNwsqKDrKVPUNphCvLBejNjF5b7Co5ZBjgWThPuBbfOXdqTTe1ImBpaoltEl4mTCnTUcIsh61JiuIw+AkDGi2GWYXenCkEmyb2rIGK1WTIH\/oXQEGHYwMg1ByG2LcUnr7Ij4ZNfe4lLxW1RhQP51gK8ve0FWd9rWcg+4V58d7naav5HwJa3fpg+aDCaD04\/O23\/\/iX7r\/e22m1D3\/7cHVzLcsJ8pT+y91mUqt
ur3kdF6Dd\/ded1k7\/t99+I3uHtL+NLi1ZwQcZRTT\/ZZMaEoT\/iwSfRGdwQks\/kEo2POua\/2wR9BjjcKgVdSEsmYLUh1WRtZngIIrTaVJo58Wz+bZsxohCz3CUfQ0pcdKEsQ1ad7dnzd\/yBv\/BzzfvtWQW+T7\/mMu2sn2vVe4g1sffUOuGo1smo4Fq4f6j+6+s3W8P8MSGP72HtQfVJuNceYpJ9uhE\/2rBEdyjxvElLaEqQCXAB9Wk4BLCaIym54oiTq7iPV5SM3KWpSPqNcY1Dut\/EEW0rrpxlQi59TnUtv6YnTQBCjUfyWesLLeHOP1qeBhi+jUH2t6KXpMZlv9cCz1zpV5yo5LClWAhns1ePKMkHD\/JpcvVRhDjQyhC+EqtEpJOeQ8octF1JjFrlszcZGihuOzShFhY9qDyqJgseCq3Ws4MUIFuUn4t"} -02233{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1226,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":29,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385140959776,"flow_dst_last_pkt_time":1654385142015753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":8640,"flow_src_tot_l4_payload_len":1625,"flow_dst_tot_l4_payload_len":79973,"midstream":1,"thread_ts_usec":1654385142015753,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":331,"avg":84919.3,"max":408625,"stddev":132393.4,"var":17528006656.0,"ent":3.3,"data": [380392,4573,408625,215737,457,986,1014,178521,331,482,379636,185383,1426,654,331743,5741,174159,6079,334,924,170502,413,6008,1070,341,710,169481,463,585,5307,422]},"pktlen": {"min":476,"avg":2601.9,"max":8692,"stddev":2200.3,"var":4841425.0,"ent":4.6,"data": [817,1492,1253,488,1492,1492,7252,4372,1492,1492,2504,476,2932,8692,1492,2932,8692,2932,1492,1492,7252,1492,1492,2932,1492,1492,2932,1492,1492,2932,1492,1492]},"bins": {"c_to_s": [0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": 
[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,16,0,12]},"directions": [0,1,1,0,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1],"entropies": [5.859029770,7.746788025,7.815745831,5.897830009,7.640064240,7.862792492,7.967751980,7.950705051,7.860798836,7.868959904,7.893837929,5.886357784,7.845828056,7.976538658,7.857397079,7.933415890,7.973951340,7.934168339,7.877964020,7.860165596,7.967057228,7.876602173,7.849090099,7.929278374,7.849063396,7.848120213,7.928964138,7.852302074,7.863938808,7.928197861,7.863379478,7.881860733]},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +02235{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1226,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":29,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385140959776,"flow_dst_last_pkt_time":1654385142015753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":8640,"flow_src_tot_l4_payload_len":1625,"flow_dst_tot_l4_payload_len":79973,"midstream":1,"thread_ts_usec":1654385142015753,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":331,"avg":84919.3,"max":408625,"stddev":132393.4,"var":17528006656.0,"ent":3.3,"data": [380392,4573,408625,215737,457,986,1014,178521,331,482,379636,185383,1426,654,331743,5741,174159,6079,334,924,170502,413,6008,1070,341,710,169481,463,585,5307,422]},"pktlen": {"min":476,"avg":2601.9,"max":8692,"stddev":2200.3,"var":4841425.0,"ent":4.6,"data": 
[817,1492,1253,488,1492,1492,7252,4372,1492,1492,2504,476,2932,8692,1492,2932,8692,2932,1492,1492,7252,1492,1492,2932,1492,1492,2932,1492,1492,2932,1492,1492]},"bins": {"c_to_s": [0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,16,0,12]},"directions": [0,1,1,0,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1],"entropies": [5.859029770,7.746788025,7.815745831,5.897830009,7.640064240,7.862792492,7.967751980,7.950705051,7.860798836,7.868959904,7.893837929,5.886357784,7.845828056,7.976538658,7.857397079,7.933415890,7.973951340,7.934168339,7.877964020,7.860165596,7.967057228,7.876602173,7.849090099,7.929278374,7.849063396,7.848120213,7.928964138,7.852302074,7.863938808,7.928197861,7.863379478,7.881860733]},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 00783{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1237,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385142293700,"flow_src_last_pkt_time":1654385142293700,"flow_dst_last_pkt_time":1654385142293700,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":517,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385142293700,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"119.28.164.143","src_port":51888,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
01222{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1237,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":154,"flow_packet_id":1,"flow_src_last_pkt_time":1654385142293700,"flow_dst_last_pkt_time":1654385142293700,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1654385142293700,"pkt":"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"} 01395{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1237,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385142293700,"flow_src_last_pkt_time":1654385142293700,"flow_dst_last_pkt_time":1654385142293700,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":517,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385142293700,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"119.28.164.143","src_port":51888,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"qzonestyle.gtimg.cn","http": {"url":"qzonestyle.gtimg.cn\/qzone\/openapi\/qc-1.0.1.js","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
@@ -1040,21 +1040,21 @@ 04390{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1487,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":163,"flow_packet_id":5,"flow_src_last_pkt_time":1654385156800184,"flow_dst_last_pkt_time":1654385156833955,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":2902,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":2902,"pkt_l4_len":2868,"thread_ts_usec":1654385156833955,"pkt":"nLbQ0+MztKXvZygQCABFAAtIHaQAAHsGlKqs2RJiwKgCfgBQrVDIz3IsXVm79oAYAQWNnAAAAQEICjsKomxlPCxhbdFxZOtbON3F7zmWQqZFsW6xYbpW7pGQ2Ik4cygk4XCudROvnPDyfZ+YiXoWW8OR9r83Gf12EaqgcrlWF6iMdf1kWu3I1EKK28ATtjFtiesi1Pi43Ra7Uvpzzt7ucD5w+RfQlWFpRD3zrZgNQEcsk3aljX7M250E1CyQ5qy4YEAL0oEZkjgeff8tKaKMYYVTxj6I1l1dVWnDa2XqKBAVCi2hCKWLJDHFZkd+BmTSo\/hAqN89ma6Eg8GcDhulcOxbWRrrDZ+Ff6H+uHarS+tvau1nJ3XNXG8lZhXlSvgLyZosZvUsCV7cMRHdiGOHRSEqrK1lOg\/qe8JLVui11Pm2b+kDSyi63sR1f7sqTN7VNXDsYWaFw7QVb1LQ4AescOwzd4UMYyivHLnTKfFdetJq9JI\/\/nNf0Taxzw1NMVTGElQ4ppMUphsSphtpTI9r+mXJil1EK23cWLKRPmUQInF4hWhsuyjh7h3XPqH95JKGmCguZ4ht2DYvC3gSDsOZi+uAtCPdkokcYr7b6ISdM9Ps\/IslfFchS2LbO6bkoqffCe97Ip9jCYGEFL+AnMdXOPqdpUVToAltbNDKb6cLDYDIKtujBLlQlDbUblqLheTFH4FsGhMec2Z1LFMy0cytthUdlWMTF6\/iu3gVcyDQ5wykiMmLMidxdMmwKAQZCoBMzFgrleeJ9kpjGfpDqtQghP1AoR90\/w4xbe79bVJcicYbd5t3JqFETalrFgrOJZDlhHm8g6KbaMJmTXSyS54RUGNtLaAH7iJNOGpxJohpgo7EZIQUZ6ODs5PjyNLE31Ucz0QeR4Z+08lrS9R+LpOv1+BnF5dQ\/Mqqoxz53sqzZZJigNbJIigOxZsrUgwLpLiJ1jmQtLcyzgtCLafYRHUu6x2al4ClBvgPtBpOlNuqRAtKbZvS0oAarVk+nY3E1vCkJjRt0YYX+naqUR3Prjw6MRo7SFqcTly\/C\/W7wBuGFLR48jWEFe5041pNu32PH+mBXsnE9WBlGsMNX5mK4aYyExK3aBYnjTIu5UrmwKLUgJN5tM4Dz3U1PckfXC1eNS40MADS8BtTXROwzRWIq+nbtDEXm4tcVvSdzHwQ1istSSIIgnSh\/7YyZmOem5giI2mvrpJ0aYAvFN98VfFCpnQJC2+lIas98tO7XRtG3U6srW2eRaJie\/F8sGnFrRinK3K2tyV9XF+VBSWcrJ28eWX1AP5tI8WwNY3t70RryqESBGg79LgLfcJ31BW4+ElnxdZS\/XZgpWynYRVToxKnQpZMhbjmZgER4id6EbT0jFaJHdOlTcUDRNdPUHJc2TL3PgNipvikVwrgGl2xtsZapTyFUdWiTxc\/eouh3ZQNV3ch0TKBs2\/xEzgwIl3IWlYMFktn6L62BrhuwQNUYTE\/GjbZ0WF6t
wNYTnOuiiKA\/27xTN0kHKw6fMemeN2ujPgfXjlSNj7WArrZdLw4i4dr2eskhswOXfICHeY3x9rvsDMMDxRVAPjYsz6eaPmt9pijEPUUvqLG06enfqRMjmGyx297YrLHsQNj72rMc\/9WJzA6BPAEl1MkxU4AKj4zWkygOQrWCZKTBQeK3wFRu6evBtrCQodMDwb4G72\/YVJWPSidFpl9LZ4tPAwS0Reo2U8TJ1DtO6tQk5dfBpY9B4fDIKAiPjKKrv2B8G8Hrt1jAn8IOvnDypSKvyizCo0AxF7bFKpMkx4ZsdmaYtt5vrydpzom9hV68lt1GI65CEjaf1T9GZKR6B2mmmossKTEavJhNeVQLEoxshjDPLNXkZYVb4A\/ILBkzhLThQ\/LCVG2WpdX63RhGG1HVOuIancsXgdQAX1\/WXcj8S1aJUwpkcwdQE7YabJIMsJDZXiazESLHKxDWJuIppiU7mk0WICho6+64nheRC+tmF46QOqzQDlIE0sxPpqD2vg+ZkdnCbpNZQ+rvR75tbBywix7lC1KsPvmISy1QyaSd+J9eFm\/Kw6Y1rUPsKdFnC5uWCLwaNZNU3WAva0b2rqaKevjlrVwued2Cvp2Y9Jzpry5GwFyqB2GgHZvur3KPl6Rax2kaUfTuKNYaJJ11naH+\/XHNvCIblho23trdVVeJNocs3RSMHh5fmAiEJPT5pm5E+zR5refXzcPv+yyxYbIwuKIRDhisW0GEMlReiNvWXmNFFjfN3V5FFo3SQtQvA9wYO0oC+IGPYvrmCCcUW\/2KOAGue643bScRWtwtbbDCoMWepQM4oBCdtoRmvA+CWTpWyC0UDFbkjaOrQQigowOihGWPrTYdlPiqDK0Ssbj\/gNzYYgOjEKFd0CA9SPAsxO5Y2dLz+gDOEdcY\/xEDYTLTFJQrfrJuspT6q9NUOYT\/oVZCwNUAxM6kDUGSoWn1Ln4iNkcJJODpn+yElaUz4L0gDCue9oj3cLzUaSnpLebUWSAu3vFoy4asyIG0iZAtVRGwLT2e\/YI+gnVu50l6kzs\/0I1G8dSUwoOrJW2DWK0arPjVJgDljikqlkUVN1uSLEw+8nHdFT7oN90RTpRx6m3HoopvO+M0OzL03ryDE7sA5\/VOvv5GME1SVjFmyTJLifur3k4cacrZIW5yMXWoc1P+yuzUc8dKlzpYDiu0ZARR3j6jPvpRl+oKzhwRlI8SjHl0fjhlPqWuc5e6PadKXPwttwVoGzM+9yjwsQKp47TyOMEwZ2mg4xM9XCb14Yfk7\/GUkS8hcG6pr9gfueaUhwkZ20NKKTHj4uwqDqP8UH05+0Mnu5rYqOs4Hd+qYz6oT8UngHgLlE8MdC696imXPnXpgd\/2p8ZmdLpQWtIgBWBwSso\/4u\/uZzgoksVfmdiJbdjsNNY0cmMBAk4fZYE7Ovq6TMUgBXL\/67pp5bA2i9p5su5AgEYn6E5inpFcN5wbi06X2RStocnMhIpS2PmBKy9r\/lWh8Rqt7J2VpYWwtO5hYaFtoKt\/XQRadvbmFUBQSKvakoeLPWMwl4\/R5jqZxSyNB7aK+OcRZTvQjKn0QACpaR5y6I+tyZarKRwAZj\/GzRKgFXjRgFu8tHfCf61R332MxiQoUM3EgDh6ENAM4QDn\/4Mx\/MZPvTcB98d4lM\/HPbwd+DOaMVjMiEDfJiO5hObtjGbEJvmuaOtsc58zJv10ER\/x+8W88DofPyDiEhhIV2CosbH12BGKJ1mT9ZxnK4jyKnD4PtodsY8cWkxd5w3OGdSI4JekasKc\/oRWGir5Mq4Lli2qnQV0BDKbI\/d0mjS3xRU9hf6m5dR+GMWgz8C2oYJtD2fAGF1nVOXzdWXSR9w+NIyN\/6hXv2j+7dr9CvqXv0DH7rq37iXm9bd0B070QEp8pKS599oFcyvaEMFxiyNFEPUfKergdjL1s1HgOR3zGjZGSE6G3\/NYue604bt6LvdJ
QW6re1+Od3fHg3GoyEsN+rjrMRsgHp9aK8l4HYUYMClboQd10yLiV23jXxDNMDjZsiaDmcALobPYLoS3fymVg\/QFAF+qrDWvIsCFyprCnWnzhmRoxUUU8n7wjEwoCHPkuThcPmKdG2+Ig\/\/ZEUmVtVhemUe\/vnKPEyvzMPXrUzPBpR2CBAodJHrMAcH\/Yqs\/y6ttwo\/Nq4L5l9vNkLdx3xqtw3\/D2az8bT7NCBhfzZ68mZjrf109Y\/2Bq4K+HyFD09vNA1KuXSLIWDSx6GqEGsERDJkxwj+9ptHuPytQEa27kNa4CaL0RziNkA8ZBBnfK9vWuxhj4koOPZF58Z+YfSsbCrjK0GdKPNnM00NVbkrOkGhbuwsibqxMzTqjHjuh9kAKdPAzkipyQrTh8Kyew=="} 00785{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1503,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156962711,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385156962711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1112,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1112,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1112,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156962711,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50140,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
02033{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1503,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_packet_id":1,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385156962711,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1178,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1178,"pkt_l4_len":1144,"thread_ts_usec":1654385156962711,"pkt":"tKXvZygQnLbQ0+MzCABFAASM3BpAAEAG6JjAqAJ+oXUNHcPcAFCL3GIckxS0LIAYAfZ2NwAAAQEICrrGVYyXEVb4R0VUIC9pbWFnZXMvcmVhZHBhZ2VfcmV2aXNpb24vbGVmdC5wbmcgSFRUUC8xLjENCkhvc3Q6IG1hbmdhd2ViLjFreHVuLm1vYmkNCkNvbm5lY3Rpb246IGtlZXAtYWxpdmUNClVzZXItQWdlbnQ6IE1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCAxMTsgc2RrX2dwaG9uZV94ODYgQnVpbGQvUlNSMS4yMDEwMTMuMDAxOyB3dikgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgVmVyc2lvbi80LjAgQ2hyb21lLzgzLjAuNDEwMy4xMDYgTW9iaWxlIFNhZmFyaS81MzcuMzYNCkFjY2VwdDogaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLGltYWdlLyosKi8qO3E9MC44DQpYLVJlcXVlc3RlZC1XaXRoOiBjb20uc2NlbmV3YXkua2Fua2FuDQpSZWZlcmVyOiBodHRwOi8vbWFuZ2F3ZWIuMWt4dW4ubW9iaS8NCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KQWNjZXB0LUxhbmd1YWdlOiBlbi1VUyxlbjtxPTAuOQ0KQ29va2llOiBfX3FjX3dJZD00NzI7IHBndl9wdmlkPTE1NzkxOTkyODA7IGFjY2Vzc190b2tlbj1udWxsOyBfX2dhZHM9SUQ9ZmMwZjIyZjc4ZDgyZmI0NC0yMmM0OWUxN2E4Y2QwMGMxOlQ9MTY1NDM4NTE0MzpSVD0xNjU0Mzg1MTQzOlM9QUxOSV9NWXFDLU9SNDBUYVFMUEl1N3Zoa1otLVUxdG0tUTsgX2dhPUdBMS4yLjY5NDUyNDUyOC4xNjU0Mzg1MTQyOyBfZ2lkPUdBMS4yLjIwNDk4NjE2MjcuMTY1NDM4NTE0MzsgX2dhdD0xOyBfZ2F0X2d0YWdfVUFfMTU0NzU3OTI5XzU3PTE7IF90dF9lbmFibGVfY29va2llPTE7IF90dHA9ZTg0NjM5YjctOTQwMC00MDZjLTk3ZTEtMDNmOGRhNDgxNWY4OyBpc19zYXZlX2Nvb2tpZT11c0lNdkhreFA0SkRYaGM7IF9jcmVhdGVfZGF0ZT0yMDIyLzYvNDsgbm9uX25hdGl2ZV9kb21haW49aHR0cHM6Ly9ha2VtYW5nYS5vci1mcm5kLmNvbTsgX3ZlcnNpb249djIwMjAwNTA1OyBfZ2VuZXJhbF9zdWJzY3JpYmU9MjsgY2xvdWRvd2xzX3V1aWQ9MzViZjM2ZGYtMGJhZS1lMDkyLWYyYjEtYjczOWY1NmMzZWNkOyBjbG91ZG93bHNfaXNfc3Vic2NyaWJlPTE7IHN1YnNjcmliZV9nZW5lcmFsX3Rva2VuPTM1YmYzNmRmLTBiYWUtZTA5Mi1mMmIxLWI3MzlmN
TZjM2VjZDsgbGFzdF91cmw9bnVsbA0KDQo="} -01413{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1503,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156962711,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385156962711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1112,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1112,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1112,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156962711,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50140,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/left.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01415{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1503,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156962711,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385156962711,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1112,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1112,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1112,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156962711,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50140,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/left.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00785{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1505,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156971856,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385156971856,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1114,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1114,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156971856,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50148,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 02037{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1505,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_packet_id":1,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385156971856,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1180,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1180,"pkt_l4_len":1146,"thread_ts_usec":1654385156971856,"pkt":"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"} 
-01415{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1505,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156971856,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385156971856,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1114,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1114,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156971856,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50148,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/like_1.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01417{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1505,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156971856,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385156971856,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1114,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1114,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156971856,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50148,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/like_1.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00785{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1506,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156978849,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385156978849,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1118,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1118,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1118,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156978849,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50164,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 02042{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1506,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":1,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385156978849,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1184,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1184,"pkt_l4_len":1150,"thread_ts_usec":1654385156978849,"pkt":"tKXvZygQnLbQ0+MzCABFAASS0r1AAEAG8e\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"} 
-01419{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1506,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156978849,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385156978849,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1118,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1118,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1118,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156978849,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50164,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/more_white.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
+01421{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1506,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156978849,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385156978849,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1118,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1118,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1118,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156978849,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50164,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/more_white.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00785{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1507,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156997634,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385156997634,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1113,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1113,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1113,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156997634,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50166,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 02033{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1507,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_packet_id":1,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385156997634,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1179,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1179,"pkt_l4_len":1145,"thread_ts_usec":1654385156997634,"pkt":"tKXvZygQnLbQ0+MzCABFAASNFH5AAEAGsDTAqAJ+oXUNHcP2AFChqIPWvwX7zYAYAfZ2OAAAAQEICrrGVa6XEVcPR0VUIC9pbWFnZXMvcmVhZHBhZ2VfcmV2aXNpb24vcmlnaHQucG5nIEhUVFAvMS4xDQpIb3N0OiBtYW5nYXdlYi4xa3h1bi5tb2JpDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgMTE7IHNka19ncGhvbmVfeDg2IEJ1aWxkL1JTUjEuMjAxMDEzLjAwMTsgd3YpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIFZlcnNpb24vNC4wIENocm9tZS84My4wLjQxMDMuMTA2IE1vYmlsZSBTYWZhcmkvNTM3LjM2DQpBY2NlcHQ6IGltYWdlL3dlYnAsaW1hZ2UvYXBuZyxpbWFnZS8qLCovKjtxPTAuOA0KWC1SZXF1ZXN0ZWQtV2l0aDogY29tLnNjZW5ld2F5Lmthbmthbg0KUmVmZXJlcjogaHR0cDovL21hbmdhd2ViLjFreHVuLm1vYmkvDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXAsIGRlZmxhdGUNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjkNCkNvb2tpZTogX19xY193SWQ9NDcyOyB
wZ3ZfcHZpZD0xNTc5MTk5MjgwOyBhY2Nlc3NfdG9rZW49bnVsbDsgX19nYWRzPUlEPWZjMGYyMmY3OGQ4MmZiNDQtMjJjNDllMTdhOGNkMDBjMTpUPTE2NTQzODUxNDM6UlQ9MTY1NDM4NTE0MzpTPUFMTklfTVlxQy1PUjQwVGFRTFBJdTd2aGtaLS1VMXRtLVE7IF9nYT1HQTEuMi42OTQ1MjQ1MjguMTY1NDM4NTE0MjsgX2dpZD1HQTEuMi4yMDQ5ODYxNjI3LjE2NTQzODUxNDM7IF9nYXQ9MTsgX2dhdF9ndGFnX1VBXzE1NDc1NzkyOV81Nz0xOyBfdHRfZW5hYmxlX2Nvb2tpZT0xOyBfdHRwPWU4NDYzOWI3LTk0MDAtNDA2Yy05N2UxLTAzZjhkYTQ4MTVmODsgaXNfc2F2ZV9jb29raWU9dXNJTXZIa3hQNEpEWGhjOyBfY3JlYXRlX2RhdGU9MjAyMi82LzQ7IG5vbl9uYXRpdmVfZG9tYWluPWh0dHBzOi8vYWtlbWFuZ2Eub3ItZnJuZC5jb207IF92ZXJzaW9uPXYyMDIwMDUwNTsgX2dlbmVyYWxfc3Vic2NyaWJlPTI7IGNsb3Vkb3dsc191dWlkPTM1YmYzNmRmLTBiYWUtZTA5Mi1mMmIxLWI3MzlmNTZjM2VjZDsgY2xvdWRvd2xzX2lzX3N1YnNjcmliZT0xOyBzdWJzY3JpYmVfZ2VuZXJhbF90b2tlbj0zNWJmMzZkZi0wYmFlLWUwOTItZjJiMS1iNzM5ZjU2YzNlY2Q7IGxhc3RfdXJsPW51bGwNCg0K"} -01414{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1507,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156997634,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385156997634,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1113,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1113,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1113,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156997634,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50166,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": 
{"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/right.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} +01416{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1507,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385156997634,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385156997634,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1113,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1113,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1113,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385156997634,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50166,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/readpage_revision\/right.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
00785{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1508,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385157001678,"flow_src_last_pkt_time":1654385157001678,"flow_dst_last_pkt_time":1654385157001678,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1119,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1119,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1119,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385157001678,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50176,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 02041{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1508,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":168,"flow_packet_id":1,"flow_src_last_pkt_time":1654385157001678,"flow_dst_last_pkt_time":1654385157001678,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1185,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1185,"pkt_l4_len":1151,"thread_ts_usec":1654385157001678,"pkt":"tKXvZygQnLbQ0+MzCABFAASTjHtAAEAGODHAqAJ+oXUNHcQAAFCrgt7ji0XD5YAYAfZ2PgAAAQEICrrGVbOXEVcWR0VUIC9pbWFnZXMvbGlzdF9kZWZhdWx0LnBuZyBIVFRQLzEuMQ0KSG9zdDogbWFuZ2F3ZWIuMWt4dW4ubW9iaQ0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKExpbnV4OyBBbmRyb2lkIDExOyBzZGtfZ3Bob25lX3g4NiBCdWlsZC9SU1IxLjIwMTAxMy4wMDE7IHd2KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzQuMCBDaHJvbWUvODMuMC40MTAzLjEwNiBNb2JpbGUgU2FmYXJpLzUzNy4zNg0KQWNjZXB0OiBpbWFnZS93ZWJwLGltYWdlL2FwbmcsaW1hZ2UvKiwqLyo7cT0wLjgNClgtUmVxdWVzdGVkLVdpdGg6IGNvbS5zY2VuZXdheS5rYW5rYW4NClJlZmVyZXI6IGh0dHA6Ly9tYW5nYXdlYi4xa3h1bi5tb2JpL2Nzcy9hcHAuY3NzPzE0OTA1DQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXAsIGRlZmxhdGUNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjkNCkNvb2tpZTogX19xY193SWQ
9NDcyOyBwZ3ZfcHZpZD0xNTc5MTk5MjgwOyBhY2Nlc3NfdG9rZW49bnVsbDsgX19nYWRzPUlEPWZjMGYyMmY3OGQ4MmZiNDQtMjJjNDllMTdhOGNkMDBjMTpUPTE2NTQzODUxNDM6UlQ9MTY1NDM4NTE0MzpTPUFMTklfTVlxQy1PUjQwVGFRTFBJdTd2aGtaLS1VMXRtLVE7IF9nYT1HQTEuMi42OTQ1MjQ1MjguMTY1NDM4NTE0MjsgX2dpZD1HQTEuMi4yMDQ5ODYxNjI3LjE2NTQzODUxNDM7IF9nYXQ9MTsgX2dhdF9ndGFnX1VBXzE1NDc1NzkyOV81Nz0xOyBfdHRfZW5hYmxlX2Nvb2tpZT0xOyBfdHRwPWU4NDYzOWI3LTk0MDAtNDA2Yy05N2UxLTAzZjhkYTQ4MTVmODsgaXNfc2F2ZV9jb29raWU9dXNJTXZIa3hQNEpEWGhjOyBfY3JlYXRlX2RhdGU9MjAyMi82LzQ7IG5vbl9uYXRpdmVfZG9tYWluPWh0dHBzOi8vYWtlbWFuZ2Eub3ItZnJuZC5jb207IF92ZXJzaW9uPXYyMDIwMDUwNTsgX2dlbmVyYWxfc3Vic2NyaWJlPTI7IGNsb3Vkb3dsc191dWlkPTM1YmYzNmRmLTBiYWUtZTA5Mi1mMmIxLWI3MzlmNTZjM2VjZDsgY2xvdWRvd2xzX2lzX3N1YnNjcmliZT0xOyBzdWJzY3JpYmVfZ2VuZXJhbF90b2tlbj0zNWJmMzZkZi0wYmFlLWUwOTItZjJiMS1iNzM5ZjU2YzNlY2Q7IGxhc3RfdXJsPW51bGwNCg0K"} -01402{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1508,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385157001678,"flow_src_last_pkt_time":1654385157001678,"flow_dst_last_pkt_time":1654385157001678,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1119,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1119,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1119,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385157001678,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50176,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": 
{"url":"mangaweb.1kxun.mobi\/images\/list_default.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} +01404{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1508,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385157001678,"flow_src_last_pkt_time":1654385157001678,"flow_dst_last_pkt_time":1654385157001678,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1119,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1119,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1119,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385157001678,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50176,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"mangaweb.1kxun.mobi","http": {"url":"mangaweb.1kxun.mobi\/images\/list_default.png","code":0,"content_type":"","user_agent":"Mozilla\/5.0 (Linux; Android 11; sdk_gphone_x86 Build\/RSR1.201013.001; wv) AppleWebKit\/537.36 (KHTML, like Gecko) Version\/4.0 Chrome\/83.0.4103.106 Mobile Safari\/537.36","detected_os":"Android 11"}}} 
01567{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1509,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_packet_id":2,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385157145999,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":748,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":748,"pkt_l4_len":714,"thread_ts_usec":1654385157145999,"pkt":"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\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/CDfnXgAAABp0Uk5TAOEQHt3X0s4WI+fFBvPkMNPJq0tAC7VRUC7\/IHCDAAAAsklEQVRYw+3W6wqDMAwF4Fi13nX3y3n\/Bx1dmT\/mYBZSsHK+BziEkiYRIiIiIiLaC3M6Sxx9B1wkBlMBGO6iz3Rwil60XSs441O01T65aESbOcJpIySXvuZctOUHOKV+cm3hZBGSCziVEW2Nf2cboeYSb63N\/rASZhqxmoS5YbVhO1WHvPWGOuS7r1P5jYsZksjkW87rNLbMvBvbSbw0NvrnDnnILInryd98REREREQ\/vAAzzxwTVWsbZwAAAABJRU5ErkJggg=="} -02253{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1510,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":24,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385156967826,"flow_dst_last_pkt_time":1654385157149701,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":14400,"flow_src_tot_l4_payload_len":6674,"flow_dst_tot_l4_payload_len":81693,"midstream":1,"thread_ts_usec":1654385157149701,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":1046669.2,"max":6045020,"stddev":1981650.1,"var":3926937042944.0,"ent":3.0,"data": 
[188503,1,1404,179436,1430,692,418,2433,676,270050,61,0,644,0,3892849,3428911,186128,186289,192621,208977,367165,352334,5253796,5339015,3643,6045020,5959115,408,493,194856,189377]},"pktlen": {"min":486,"avg":2813.5,"max":14452,"stddev":2993.9,"var":8963654.0,"ent":4.4,"data": [486,2932,2932,8692,2932,7252,1492,1492,14452,1492,2932,2932,7252,7252,4078,803,695,805,1511,807,1401,803,1516,1065,2932,1130,1155,1492,1492,1575,1166,1083]},"bins": {"c_to_s": [0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,1,0,0,7,0,13]},"directions": [0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,0,1,0,1,0,1,0,1,1,0,1,1,1,0,1],"entropies": [5.943944454,7.829628944,7.931543350,7.979783535,7.931476593,7.968062401,7.861111164,7.864268780,7.984925747,7.877884388,7.929042339,7.930032253,7.967924595,7.974642754,7.952368736,5.943904400,6.386446476,5.942170143,7.482911110,5.931495190,6.238120556,5.934639931,6.488353729,5.849187374,6.477306366,6.757167339,5.825885773,6.421376705,7.814886093,7.859082222,5.823412418,6.869374752]},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+02255{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1510,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":24,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385156967826,"flow_dst_last_pkt_time":1654385157149701,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":14400,"flow_src_tot_l4_payload_len":6674,"flow_dst_tot_l4_payload_len":81693,"midstream":1,"thread_ts_usec":1654385157149701,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":1046669.2,"max":6045020,"stddev":1981650.1,"var":3926937042944.0,"ent":3.0,"data": [188503,1,1404,179436,1430,692,418,2433,676,270050,61,0,644,0,3892849,3428911,186128,186289,192621,208977,367165,352334,5253796,5339015,3643,6045020,5959115,408,493,194856,189377]},"pktlen": {"min":486,"avg":2813.5,"max":14452,"stddev":2993.9,"var":8963654.0,"ent":4.4,"data": [486,2932,2932,8692,2932,7252,1492,1492,14452,1492,2932,2932,7252,7252,4078,803,695,805,1511,807,1401,803,1516,1065,2932,1130,1155,1492,1492,1575,1166,1083]},"bins": {"c_to_s": [0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,1,0,0,7,0,13]},"directions": [0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,1,0,1,0,1,0,1,0,1,1,0,1,1,1,0,1],"entropies": 
[5.943944454,7.829628944,7.931543350,7.979783535,7.931476593,7.968062401,7.861111164,7.864268780,7.984925747,7.877884388,7.929042339,7.930032253,7.967924595,7.974642754,7.952368736,5.943904400,6.386446476,5.942170143,7.482911110,5.931495190,6.238120556,5.934639931,6.488353729,5.849187374,6.477306366,6.757167339,5.825885773,6.421376705,7.814886093,7.859082222,5.823412418,6.869374752]},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 01720{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1511,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_packet_id":2,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385157153682,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":832,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":832,"pkt_l4_len":798,"thread_ts_usec":1654385157153682,"pkt":"nLbQ0+MztKXvZygQCABFAAMy+MlAADQG2UOhdQ0dwKgCfgBQw+Q76a9lejKjSIAYAPQgmwAAAQEICpcRV7e6xlWVSFRUUC8xLjEgMjAwIE9LDQpTZXJ2ZXI6IG9wZW5yZXN0eS8xLjEzLjYuMQ0KRGF0ZTogU2F0LCAwNCBKdW4gMjAyMiAyMzoyNTo1NyBHTVQNCkNvbnRlbnQtVHlwZTogaW1hZ2UvcG5nDQpDb250ZW50LUxlbmd0aDogNDUwDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQpMYXN0LU1vZGlmaWVkOiBGcmksIDE2IE9jdCAyMDIwIDA3OjExOjEwIEdNVA0KRVRhZzogIjVmODk0NzhlLTFjMiINCkV4cGlyZXM6IEZyaSwgMDIgU2VwIDIwMjIgMjM6MjU6NTcgR01UDQpDYWNoZS1Db250cm9sOiBtYXgtYWdlPTc3NzYwMDANCkFjY2VwdC1SYW5nZXM6IGJ5dGVzDQoNColQTkcNChoKAAAADUlIRFIAAABaAAAAWggDAAAAD3axMAAAAG9QTFRFAAAA\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/L9MC0QAAACR0Uk5TAJSpvW0XB\/bWdRD8t6aZi3E3AvPs3s20r6B8d2dTI0U7LisEPmah4wAAAN5JREFUWMPt1MkOglAMheGi3AsOgDhP4N
T3f0YhYiQGMcg9iYvzr7rpt2lSYYwxxhhj7C172I4F0nykCrFLuSiei\/sOWhYa9\/JIKxol69S5PNMqDyYHR8eyr89WKUrWtQXIiCv6kxqduJSPdXl5diinC60VDAevon2\/h5JoS+u8szd85BdjrG3tOtO1Ra+VDn6lva+0ksbT+DNucHQGo0MDo\/0bil7kgqITi6InqaDo6RhGZ4KiVwZGzwRFL68w2rN96f0n+iR9aRM2y5HtRUflfNk0ybERxhhjjLG\/7A7dOIR9fLd0dQAAAABJRU5ErkJggg=="} 01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1512,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":2,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385157162185,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":574,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":574,"pkt_l4_len":540,"thread_ts_usec":1654385157162185,"pkt":"nLbQ0+MztKXvZygQCABFAAIwUYBAADQGgY+hdQ0dwKgCfgBQw\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\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/+PQt5oAAAABHRSTlMA8a0mzjE4JAAAAF1JREFUWMPt0LsNgDAMRVEgC\/DJACAYANgg6O0\/E0qKpLIipYt0T2PryYXtAQAA9OpdzlTdsd45sDivkKYeaSuBYZK0x+aSvhIYRklzbLwUctA+Xd+k\/cr6BwEAwA+l3hHvzEdfEgAAAABJRU5ErkJggg=="} 
01564{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1513,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_packet_id":2,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385157178524,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":746,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":746,"pkt_l4_len":712,"thread_ts_usec":1654385157178524,"pkt":"nLbQ0+MztKXvZygQCABFAALcrA1AADQGJlahdQ0dwKgCfgBQw\/a\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\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/CDfnXgAAABp0Uk5TAOEQHt3X0s4WI+fFBvPkMNPJq0tAC7VRUC7\/IHCDAAAAsElEQVRYw+3WWQ7DIAwEUCckUMjWfZn7H7RC\/DTqR4OE1SDNO8DIssC2EBERERHRv13Orei4AsMoGh4TAKdR99ghGjSyXzMid5PyfJeyD1KeD4hOGj0xqe5eJbtHdDRSnmkQWY1+tw5Rp5FtbOq3l1y2+cEGpOzsurHZvEieCZvd91N1Vq9380Jy3nUtv\/FzhtQy+dbzuo4ts4TVbqxkoz+\/75AKrqd08xERERERKXoDf5McEz6WWVMAAAAASUVORK5CYII="} 
@@ -1106,7 +1106,7 @@ 02180{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1577,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184096708,"flow_src_last_pkt_time":1654385184096708,"flow_dst_last_pkt_time":1654385184096708,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1132,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1132,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385184096708,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.58","src_port":43266,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"net.rayjump.com","http": 
{"url":"net.rayjump.com\/openapi\/ad\/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&mnc=&mcc=&network_type=9&network_str=&language=en&timezone=GMT%2B01%3A00&useragent=Mozilla%2F5.0%20%28Linux%3B%20Android%2011%3B%20sdk_gphone_x86%20Build%2FRSR1.201013.001%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F83.0.4103.106%20Mobile%20Safari%2F537.36&sdk_version=MAL_8.7.4&gp_version=22.4.25-21%20%5B0%5D%20%5BPR%5D%20337959405&screen_size=1794x1080&is_clever=2&version_flag=1&cache1=6240&cache2=5365&power_rate=100&charging=0&sub_ip=10.0.2.16&dvi=4BztYrxBYFQ3%2BFQ3RUE0DUQQiUlbfADAfnx3iUVPHZRsRrfuHoR1RUv06N%3D%3D&api_version=1.3","code":0,"content_type":"","user_agent":"Apache-HttpClient\/UNAVAILABLE (java 1.4)"}}} 00781{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1578,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184117986,"flow_src_last_pkt_time":1654385184117986,"flow_dst_last_pkt_time":1654385184117986,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":252,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":252,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385184117986,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.97.107","src_port":56826,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
00866{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1578,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":1,"flow_src_last_pkt_time":1654385184117986,"flow_dst_last_pkt_time":1654385184117986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":306,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":306,"pkt_l4_len":272,"thread_ts_usec":1654385184117986,"pkt":"tKXvZygQnLbQ0+MzCABFAAEkBJZAAEAGB9zAqAJ+CNFha936AFBSP8o9I7uXO1AYAfYueQAAUE9TVCAvIEhUVFAvMS4xDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZA0KQ2hhcnNldDogVVRGLTgNClJhbmdlOiBieXRlcz0wLQ0KQ29udGVudC1MZW5ndGg6IDc5Ng0KSG9zdDogYW5hbHl0aWNzLnJheWp1bXAuY29tDQpDb25uZWN0aW9uOiBLZWVwLUFsaXZlDQpVc2VyLUFnZW50OiBBcGFjaGUtSHR0cENsaWVudC9VTkFWQUlMQUJMRSAoamF2YSAxLjQpDQpBY2NlcHQtRW5jb2Rpbmc6IGd6aXANCg0K"} -01270{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1578,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184117986,"flow_src_last_pkt_time":1654385184117986,"flow_dst_last_pkt_time":1654385184117986,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":252,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":252,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385184117986,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.97.107","src_port":56826,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"analytics.rayjump.com","http": 
{"url":"analytics.rayjump.com\/","code":0,"content_type":"","user_agent":"Apache-HttpClient\/UNAVAILABLE (java 1.4)","request_content_type":"application\/x-www-form-urlencoded"}}} +01272{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1578,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184117986,"flow_src_last_pkt_time":1654385184117986,"flow_dst_last_pkt_time":1654385184117986,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":252,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":252,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":252,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385184117986,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.97.107","src_port":56826,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"analytics.rayjump.com","http": {"url":"analytics.rayjump.com\/","code":0,"content_type":"","user_agent":"Apache-HttpClient\/UNAVAILABLE (java 1.4)","request_content_type":"application\/x-www-form-urlencoded"}}} 01594{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1579,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":2,"flow_src_last_pkt_time":1654385184118073,"flow_dst_last_pkt_time":1654385184117986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":850,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":850,"pkt_l4_len":816,"thread_ts_usec":1654385184118073,"pkt":"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"} 
00651{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1580,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":3,"flow_src_last_pkt_time":1654385184118073,"flow_dst_last_pkt_time":1654385184139299,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":142,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":142,"pkt_l4_len":108,"thread_ts_usec":1654385184139299,"pkt":"nLbQ0+MztKXvZygQCABFAACApCdAADgGcO4I0WFrwKgCfgBQ3foju5c7Uj\/OVVAYAD8bqQAASFRUUC8xLjEgMjA0IE5vIENvbnRlbnQNCkRhdGU6IFNhdCwgMDQgSnVuIDIwMjIgMjM6MjY6MjQgR01UDQpDb25uZWN0aW9uOiBrZWVwLWFsaXZlDQoNCg=="} 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1581,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184174078,"flow_src_last_pkt_time":1654385184174078,"flow_dst_last_pkt_time":1654385184174078,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":940,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":940,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":940,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385184174078,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.58","src_port":43272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
@@ -1202,7 +1202,7 @@ 01348{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1706,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":195,"flow_packet_id":2,"flow_src_last_pkt_time":1654385232040567,"flow_dst_last_pkt_time":1654385232085154,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":664,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":664,"pkt_l4_len":630,"thread_ts_usec":1654385232085154,"pkt":"nLbQ0+MztKXvZygQCABFAAKKs5NAAPUGSvMDer5GwKgCfgBQgRKT0VdXkWADEoAYAHGvxgAAAQEICk9CmDyWJWeOSFRUUC8xLjEgMjAwIE9LDQpEYXRlOiBTYXQsIDA0IEp1biAyMDIyIDIzOjI3OjEyIEdNVA0KQ29udGVudC1UeXBlOiBpbWFnZS9wbmcNCkNvbnRlbnQtTGVuZ3RoOiA3MA0KQ29ubmVjdGlvbjoga2VlcC1hbGl2ZQ0KU2V0LUNvb2tpZTogQVdTQUxCPWdzUk5HU1NhK09YcDJjZTBNNk51U0FjaTJXM3JYSFVtcXNKcnFZNkdFcGtsTUNzaEc2bnU5Y0l6eS9iQXJIU0NPeElRL0ZneTJrZDFNY0RyZVMwQ0d3S2Y0NlJRbERuL2JnMXFELzJWSitGYnJ4U1NNU2RCQ1lKV1N2cms7IEV4cGlyZXM9U2F0LCAxMSBKdW4gMjAyMiAyMzoyNzoxMiBHTVQ7IFBhdGg9Lw0KU2V0LUNvb2tpZTogQVdTQUxCQ09SUz1nc1JOR1NTYStPWHAyY2UwTTZOdVNBY2kyVzNyWEhVbXFzSnJxWTZHRXBrbE1Dc2hHNm51OWNJenkvYkFySFNDT3hJUS9GZ3kya2QxTWNEcmVTMENHd0tmNDZSUWxEbi9iZzFxRC8yVkorRmJyeFNTTVNkQkNZSldTdnJrOyBFeHBpcmVzPVNhdCwgMTEgSnVuIDIwMjIgMjM6Mjc6MTIgR01UOyBQYXRoPS87IFNhbWVTaXRlPU5vbmUNCg0KiVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+P+\/HgAFhAJ\/wlseKgAAAABJRU5ErkJggg=="} 
00782{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1707,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385232158874,"flow_src_last_pkt_time":1654385232158874,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":253,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":253,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":253,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385232158874,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.112.118","src_port":35426,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00870{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1707,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":1,"flow_src_last_pkt_time":1654385232158874,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":307,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":307,"pkt_l4_len":273,"thread_ts_usec":1654385232158874,"pkt":"tKXvZygQnLbQ0+MzCABFAAElDRhAAEAG8E3AqAJ+CNFwdopiAFAUf4ZSerS+DlAYAfY9hQAAUE9TVCAvIEhUVFAvMS4xDQpDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3gtd3d3LWZvcm0tdXJsZW5jb2RlZA0KQ2hhcnNldDogVVRGLTgNClJhbmdlOiBieXRlcz0wLQ0KQ29udGVudC1MZW5ndGg6IDIxOTkNCkhvc3Q6IGFuYWx5dGljcy5yYXlqdW1wLmNvbQ0KQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQ0KVXNlci1BZ2VudDogQXBhY2hlLUh0dHBDbGllbnQvVU5BVkFJTEFCTEUgKGphdmEgMS40KQ0KQWNjZXB0LUVuY29kaW5nOiBnemlwDQoNCg=="} 
-01271{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1707,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385232158874,"flow_src_last_pkt_time":1654385232158874,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":253,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":253,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":253,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385232158874,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.112.118","src_port":35426,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"analytics.rayjump.com","http": {"url":"analytics.rayjump.com\/","code":0,"content_type":"","user_agent":"Apache-HttpClient\/UNAVAILABLE (java 1.4)","request_content_type":"application\/x-www-form-urlencoded"}}} 
+01273{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1707,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385232158874,"flow_src_last_pkt_time":1654385232158874,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":253,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":253,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":253,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385232158874,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.112.118","src_port":35426,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"analytics.rayjump.com","http": {"url":"analytics.rayjump.com\/","code":0,"content_type":"","user_agent":"Apache-HttpClient\/UNAVAILABLE (java 1.4)","request_content_type":"application\/x-www-form-urlencoded"}}} 02461{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1708,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":2,"flow_src_last_pkt_time":1654385232158923,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1498,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1498,"pkt_l4_len":1464,"thread_ts_usec":1654385232158923,"pkt":"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"} 
00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1709,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":3,"flow_src_last_pkt_time":1654385232158927,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":1654385232158927,"pkt":"tKXvZygQnLbQ0+MzCABFAAA4DRpAAEAG8TjAqAJ+CNFwdopiAFAUf4zzerS+DlAYAfY8mAAAM0RzdGF0dXNDb2RlJTI1Mg=="} 01519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1710,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":4,"flow_src_last_pkt_time":1654385232159668,"flow_dst_last_pkt_time":1654385232158874,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":793,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":793,"pkt_l4_len":759,"thread_ts_usec":1654385232159668,"pkt":"tKXvZygQnLbQ0+MzCABFAAMLDRtAAEAG7mTAqAJ+CNFwdopiAFAUf40DerS+DlAYAfY\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"} 
@@ -1213,14 +1213,14 @@ 02189{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1718,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":197,"flow_packet_id":1,"flow_src_last_pkt_time":1654385235892637,"flow_dst_last_pkt_time":1654385235892637,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1295,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1295,"pkt_l4_len":1261,"thread_ts_usec":1654385235892637,"pkt":"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"} 02277{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1718,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385235892637,"flow_src_last_pkt_time":1654385235892637,"flow_dst_last_pkt_time":1654385235892637,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1229,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1229,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1229,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385235892637,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.64","src_port":51686,"dst_port":80,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"net.rayjump.com","http": 
{"url":"net.rayjump.com\/openapi\/ad\/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=629bea20a4e54100010f01c8&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=1&model=sdk_gphone_x86&brand=google&gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&mnc=&mcc=&network_type=9&network_str=&language=en&timezone=GMT%2B01%3A00&useragent=Mozilla%2F5.0%20%28Linux%3B%20Android%2011%3B%20sdk_gphone_x86%20Build%2FRSR1.201013.001%3B%20wv%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Version%2F4.0%20Chrome%2F83.0.4103.106%20Mobile%20Safari%2F537.36&sdk_version=MAL_8.7.4&gp_version=22.4.25-21%20%5B0%5D%20%5BPR%5D%20337959405&screen_size=1080x1794&is_clever=2&version_flag=1&cache1=6240&cache2=5365&power_rate=100&charging=0&sub_ip=10.0.2.16&dvi=4BztYrxBYFQ3%2BFQ3RUE0DUQQiUlbfADAfnx3iUVPHZRsRrfuHoR1RUv06N%3D%3D&api_version=1.3","code":0,"content_type":"","user_agent":"Apache-HttpClient\/UNAVAILABLE (java 1.4)"}}} 01127{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":197,"flow_packet_id":2,"flow_src_last_pkt_time":1654385235892637,"flow_dst_last_pkt_time":1654385236487007,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":500,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":500,"pkt_l4_len":466,"thread_ts_usec":1654385236487007,"pkt":"nLbQ0+MztKXvZygQCABFAAHm3ckAAPgGvqESQE9AwKgCfgBQyeZcw8zmEVgoD4AYAIbbsgAAAQEICq7a5CW\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"} 
-00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":8,"flow_first_seen":1654385140779083,"flow_src_last_pkt_time":1654385144744780,"flow_dst_last_pkt_time":1654385145113565,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":443,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":740,"flow_dst_max_l4_payload_len":8192,"flow_src_tot_l4_payload_len":1183,"flow_dst_tot_l4_payload_len":18456,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45388,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":18,"flow_first_seen":1654385140794335,"flow_src_last_pkt_time":1654385144961102,"flow_dst_last_pkt_time":1654385145146412,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":755,"flow_dst_max_l4_payload_len":7200,"flow_src_tot_l4_payload_len":1929,"flow_dst_tot_l4_payload_len":57537,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45398,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":8,"flow_first_seen":1654385140779083,"flow_src_last_pkt_time":1654385144744780,"flow_dst_last_pkt_time":1654385145113565,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":443,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":740,"flow_dst_max_l4_payload_len":8192,"flow_src_tot_l4_payload_len":1183,"flow_dst_tot_l4_payload_len":18456,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45388,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":18,"flow_first_seen":1654385140794335,"flow_src_last_pkt_time":1654385144961102,"flow_dst_last_pkt_time":1654385145146412,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":755,"flow_dst_max_l4_payload_len":7200,"flow_src_tot_l4_payload_len":1929,"flow_dst_tot_l4_payload_len":57537,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45398,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
00992{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":16,"flow_first_seen":1654385156800184,"flow_src_last_pkt_time":1654385156800184,"flow_dst_last_pkt_time":1654385156865117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":423,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":423,"flow_dst_max_l4_payload_len":2836,"flow_src_tot_l4_payload_len":423,"flow_dst_tot_l4_payload_len":28785,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.217.18.98","src_port":44368,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.GoogleServices","proto_id":"7.239","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} -00966{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1654385184117986,"flow_src_last_pkt_time":1654385184118073,"flow_dst_last_pkt_time":1654385184139299,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":252,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":796,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":1048,"flow_dst_tot_l4_payload_len":88,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.97.107","src_port":56826,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
-00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1654385140824396,"flow_src_last_pkt_time":1654385144957630,"flow_dst_last_pkt_time":1654385145140317,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":416,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1390,"flow_src_tot_l4_payload_len":1920,"flow_dst_tot_l4_payload_len":3320,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45414,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":24,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385156967826,"flow_dst_last_pkt_time":1654385157149701,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":14400,"flow_src_tot_l4_payload_len":6674,"flow_dst_tot_l4_payload_len":81693,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
-00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1654385140836422,"flow_src_last_pkt_time":1654385144960570,"flow_dst_last_pkt_time":1654385145144651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":436,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1654,"flow_src_tot_l4_payload_len":1941,"flow_dst_tot_l4_payload_len":5796,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45422,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385140850557,"flow_src_last_pkt_time":1654385140850557,"flow_dst_last_pkt_time":1654385141035727,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":414,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":414,"flow_dst_max_l4_payload_len":1721,"flow_src_tot_l4_payload_len":414,"flow_dst_tot_l4_payload_len":1721,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45424,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":17,"category":"Streaming"}} 
+00968{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1654385184117986,"flow_src_last_pkt_time":1654385184118073,"flow_dst_last_pkt_time":1654385184139299,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":252,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":796,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":1048,"flow_dst_tot_l4_payload_len":88,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.97.107","src_port":56826,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1654385140824396,"flow_src_last_pkt_time":1654385144957630,"flow_dst_last_pkt_time":1654385145140317,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":416,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1390,"flow_src_tot_l4_payload_len":1920,"flow_dst_tot_l4_payload_len":3320,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45414,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":24,"flow_first_seen":1654385140835391,"flow_src_last_pkt_time":1654385156967826,"flow_dst_last_pkt_time":1654385157149701,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":434,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":14400,"flow_src_tot_l4_payload_len":6674,"flow_dst_tot_l4_payload_len":81693,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45416,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1654385140836422,"flow_src_last_pkt_time":1654385144960570,"flow_dst_last_pkt_time":1654385145144651,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":436,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":753,"flow_dst_max_l4_payload_len":1654,"flow_src_tot_l4_payload_len":1941,"flow_dst_tot_l4_payload_len":5796,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45422,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385140850557,"flow_src_last_pkt_time":1654385140850557,"flow_dst_last_pkt_time":1654385141035727,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":414,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":414,"flow_dst_max_l4_payload_len":1721,"flow_src_tot_l4_payload_len":414,"flow_dst_tot_l4_payload_len":1721,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45424,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":17,"category":"Streaming"}} 00784{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385142293700,"flow_src_last_pkt_time":1654385142293700,"flow_dst_last_pkt_time":1654385142293700,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":517,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"119.28.164.143","src_port":51888,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
00970{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385229450708,"flow_src_last_pkt_time":1654385229450708,"flow_dst_last_pkt_time":1654385229557713,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":424,"flow_dst_max_l4_payload_len":75,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":75,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.233.123.55","src_port":54810,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 00975{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":29,"flow_first_seen":1654385184938285,"flow_src_last_pkt_time":1654385184938285,"flow_dst_last_pkt_time":1654385185019373,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":345,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":345,"flow_dst_max_l4_payload_len":5712,"flow_src_tot_l4_payload_len":345,"flow_dst_tot_l4_payload_len":97077,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.103.30","src_port":36636,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
@@ -1243,11 +1243,11 @@ 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":23,"flow_first_seen":1654385146276790,"flow_src_last_pkt_time":1654385147316212,"flow_dst_last_pkt_time":1654385147926816,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":514,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":526,"flow_dst_max_l4_payload_len":21600,"flow_src_tot_l4_payload_len":1554,"flow_dst_tot_l4_payload_len":126758,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"14.136.136.108","src_port":49412,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 00784{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184096708,"flow_src_last_pkt_time":1654385184096708,"flow_dst_last_pkt_time":1654385184096708,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1132,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1132,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1132,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.58","src_port":43266,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 
00970{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385184174078,"flow_src_last_pkt_time":1654385184174078,"flow_dst_last_pkt_time":1654385184282680,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":940,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":940,"flow_dst_max_l4_payload_len":434,"flow_src_tot_l4_payload_len":940,"flow_dst_tot_l4_payload_len":434,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.58","src_port":43272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} -00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156962711,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385157145999,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1112,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1112,"flow_dst_max_l4_payload_len":682,"flow_src_tot_l4_payload_len":1112,"flow_dst_tot_l4_payload_len":682,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50140,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
-00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156971856,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385157153682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1114,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":766,"flow_src_tot_l4_payload_len":1114,"flow_dst_tot_l4_payload_len":766,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50148,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156978849,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385157162185,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1118,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1118,"flow_dst_max_l4_payload_len":508,"flow_src_tot_l4_payload_len":1118,"flow_dst_tot_l4_payload_len":508,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50164,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
-00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156997634,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385157178524,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1113,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1113,"flow_dst_max_l4_payload_len":680,"flow_src_tot_l4_payload_len":1113,"flow_dst_tot_l4_payload_len":680,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50166,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":2,"flow_first_seen":1654385157001678,"flow_src_last_pkt_time":1654385157001678,"flow_dst_last_pkt_time":1654385157186882,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1119,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1119,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":1119,"flow_dst_tot_l4_payload_len":1950,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50176,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156962711,"flow_src_last_pkt_time":1654385156962711,"flow_dst_last_pkt_time":1654385157145999,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1112,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1112,"flow_dst_max_l4_payload_len":682,"flow_src_tot_l4_payload_len":1112,"flow_dst_tot_l4_payload_len":682,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50140,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156971856,"flow_src_last_pkt_time":1654385156971856,"flow_dst_last_pkt_time":1654385157153682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1114,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1114,"flow_dst_max_l4_payload_len":766,"flow_src_tot_l4_payload_len":1114,"flow_dst_tot_l4_payload_len":766,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50148,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156978849,"flow_src_last_pkt_time":1654385156978849,"flow_dst_last_pkt_time":1654385157162185,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1118,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1118,"flow_dst_max_l4_payload_len":508,"flow_src_tot_l4_payload_len":1118,"flow_dst_tot_l4_payload_len":508,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50164,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385156997634,"flow_src_last_pkt_time":1654385156997634,"flow_dst_last_pkt_time":1654385157178524,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1113,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1113,"flow_dst_max_l4_payload_len":680,"flow_src_tot_l4_payload_len":1113,"flow_dst_tot_l4_payload_len":680,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50166,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":2,"flow_first_seen":1654385157001678,"flow_src_last_pkt_time":1654385157001678,"flow_dst_last_pkt_time":1654385157186882,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1119,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1119,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":1119,"flow_dst_tot_l4_payload_len":1950,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":50176,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":3,"flow_first_seen":1654385141046673,"flow_src_last_pkt_time":1654385141046673,"flow_dst_last_pkt_time":1654385141076027,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":426,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":426,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":426,"flow_dst_tot_l4_payload_len":1925,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.37","src_port":41390,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Google","proto_id":"7.126","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385235892637,"flow_src_last_pkt_time":1654385235892637,"flow_dst_last_pkt_time":1654385236487007,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1229,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1229,"flow_dst_max_l4_payload_len":434,"flow_src_tot_l4_payload_len":1229,"flow_dst_tot_l4_payload_len":434,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.64","src_port":51686,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 00998{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":10,"flow_first_seen":1654385143337063,"flow_src_last_pkt_time":1654385143337063,"flow_dst_last_pkt_time":1654385143386689,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":421,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":421,"flow_dst_max_l4_payload_len":2836,"flow_src_tot_l4_payload_len":421,"flow_dst_tot_l4_payload_len":20463,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"142.250.186.174","src_port":36732,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Google","proto_id":"7.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":0,"breed":"Acceptable","category_id":101,"category":"Advertisement"}} 
@@ -1263,7 +1263,7 @@ 01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385119050609,"flow_src_last_pkt_time":1654385119050609,"flow_dst_last_pkt_time":1654385119358297,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":538,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":189,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":189,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.104.93.92","src_port":60962,"dst_port":1234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385119973654,"flow_src_last_pkt_time":1654385119973654,"flow_dst_last_pkt_time":1654385120216027,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":538,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":189,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":189,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.104.93.92","src_port":60972,"dst_port":1234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std 
Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 01112{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385120896744,"flow_src_last_pkt_time":1654385120896744,"flow_dst_last_pkt_time":1654385121164319,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":538,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":189,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":189,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.104.93.92","src_port":60984,"dst_port":1234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
-00967{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":1,"flow_first_seen":1654385232158874,"flow_src_last_pkt_time":1654385232159668,"flow_dst_last_pkt_time":1654385232180473,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1444,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":2452,"flow_dst_tot_l4_payload_len":88,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.112.118","src_port":35426,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} +00969{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":1,"flow_first_seen":1654385232158874,"flow_src_last_pkt_time":1654385232159668,"flow_dst_last_pkt_time":1654385232180473,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1444,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":2452,"flow_dst_tot_l4_payload_len":88,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"8.209.112.118","src_port":35426,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385229378645,"flow_src_last_pkt_time":1654385229378645,"flow_dst_last_pkt_time":1654385229413001,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":1249,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1249,"flow_dst_max_l4_payload_len":353,"flow_src_tot_l4_payload_len":1249,"flow_dst_tot_l4_payload_len":353,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.64.79.50","src_port":41940,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":3,"flow_first_seen":1654385131029337,"flow_src_last_pkt_time":1654385131355130,"flow_dst_last_pkt_time":1654385131589006,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":202,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":202,"flow_dst_max_l4_payload_len":6232,"flow_src_tot_l4_payload_len":404,"flow_dst_tot_l4_payload_len":6868,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.105.121.82","src_port":60148,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
00969{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385181857708,"flow_src_last_pkt_time":1654385181857708,"flow_dst_last_pkt_time":1654385181897114,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":409,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":409,"flow_dst_max_l4_payload_len":983,"flow_src_tot_l4_payload_len":409,"flow_dst_tot_l4_payload_len":983,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"104.117.221.10","src_port":59324,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 
@@ -1272,14 +1272,14 @@ 00780{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1654385184928623,"flow_src_last_pkt_time":1654385184928623,"flow_dst_last_pkt_time":1654385184928623,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":233,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":233,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":233,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"18.66.2.90","src_port":35666,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":33,"flow_first_seen":1654385136207603,"flow_src_last_pkt_time":1654385137102946,"flow_dst_last_pkt_time":1654385137795047,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":208,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":21600,"flow_src_tot_l4_payload_len":420,"flow_dst_tot_l4_payload_len":179545,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.105.121.82","src_port":46170,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":13,"flow_first_seen":1654385136206220,"flow_src_last_pkt_time":1654385137480116,"flow_dst_last_pkt_time":1654385137451797,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":207,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":23040,"flow_src_tot_l4_payload_len":631,"flow_dst_tot_l4_payload_len":72797,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.105.121.82","src_port":46184,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -01100{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127425884,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":264,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":264,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"4": {"risk":"Binary App Transfer","severity":"Severe","risk_score": {"total":150,"client":135,"server":15}}},"confidence": 
{"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":7,"category":"Download"}} +01102{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385127244156,"flow_src_last_pkt_time":1654385127244156,"flow_dst_last_pkt_time":1654385127425884,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":157,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":157,"flow_dst_max_l4_payload_len":264,"flow_src_tot_l4_payload_len":157,"flow_dst_tot_l4_payload_len":264,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47230,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"4": {"risk":"Binary App Transfer","severity":"Severe","risk_score": {"total":150,"client":135,"server":15}}},"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":7,"category":"Download"}} 
00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":4,"flow_first_seen":1654385229374771,"flow_src_last_pkt_time":1654385236365099,"flow_dst_last_pkt_time":1654385236412092,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":20,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1440,"flow_dst_max_l4_payload_len":114,"flow_src_tot_l4_payload_len":8181,"flow_dst_tot_l4_payload_len":423,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"52.29.177.177","src_port":37100,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web"}} 00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":18,"flow_first_seen":1654385136215384,"flow_src_last_pkt_time":1654385137106944,"flow_dst_last_pkt_time":1654385137458576,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":212,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":21600,"flow_src_tot_l4_payload_len":424,"flow_dst_tot_l4_payload_len":81501,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.105.121.82","src_port":46200,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
-00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1654385128878259,"flow_src_last_pkt_time":1654385129990203,"flow_dst_last_pkt_time":1654385130178547,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":860,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":880,"flow_dst_max_l4_payload_len":2746,"flow_src_tot_l4_payload_len":1740,"flow_dst_tot_l4_payload_len":3242,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47246,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1654385128878259,"flow_src_last_pkt_time":1654385129990203,"flow_dst_last_pkt_time":1654385130178547,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":860,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":880,"flow_dst_max_l4_payload_len":2746,"flow_src_tot_l4_payload_len":1740,"flow_dst_tot_l4_payload_len":3242,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47246,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":12,"flow_first_seen":1654385136216297,"flow_src_last_pkt_time":1654385137088135,"flow_dst_last_pkt_time":1654385137795021,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":211,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":212,"flow_dst_max_l4_payload_len":37440,"flow_src_tot_l4_payload_len":423,"flow_dst_tot_l4_payload_len":124042,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"172.105.121.82","src_port":46212,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385128878298,"flow_src_last_pkt_time":1654385128878298,"flow_dst_last_pkt_time":1654385129190022,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":871,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":871,"flow_dst_max_l4_payload_len":817,"flow_src_tot_l4_payload_len":871,"flow_dst_tot_l4_payload_len":817,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47262,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
-00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385129449830,"flow_src_last_pkt_time":1654385129449830,"flow_dst_last_pkt_time":1654385129804228,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":916,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":916,"flow_dst_max_l4_payload_len":265,"flow_src_tot_l4_payload_len":916,"flow_dst_tot_l4_payload_len":265,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} -00984{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":73,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385145095894,"flow_dst_last_pkt_time":1654385145302253,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":8640,"flow_src_tot_l4_payload_len":4383,"flow_dst_tot_l4_payload_len":173462,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385128878298,"flow_src_last_pkt_time":1654385128878298,"flow_dst_last_pkt_time":1654385129190022,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":871,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":871,"flow_dst_max_l4_payload_len":817,"flow_src_tot_l4_payload_len":871,"flow_dst_tot_l4_payload_len":817,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47262,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} +00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385129449830,"flow_src_last_pkt_time":1654385129449830,"flow_dst_last_pkt_time":1654385129804228,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":916,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":916,"flow_dst_max_l4_payload_len":265,"flow_src_tot_l4_payload_len":916,"flow_dst_tot_l4_payload_len":265,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":47272,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
+00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":73,"flow_first_seen":1654385140171515,"flow_src_last_pkt_time":1654385145095894,"flow_dst_last_pkt_time":1654385145302253,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":424,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":765,"flow_dst_max_l4_payload_len":8640,"flow_src_tot_l4_payload_len":4383,"flow_dst_tot_l4_payload_len":173462,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"161.117.13.29","src_port":45380,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Alibaba","proto_by_ip_id":274,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1654385139579809,"flow_src_last_pkt_time":1654385139579809,"flow_dst_last_pkt_time":1654385139941321,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":887,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":887,"flow_dst_max_l4_payload_len":497,"flow_src_tot_l4_payload_len":887,"flow_dst_tot_l4_payload_len":497,"midstream":1,"thread_ts_usec":1654385236487007,"l3_proto":"ip4","src_ip":"192.168.2.126","dst_ip":"103.29.71.30","src_port":35200,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.1kxun","proto_id":"7.295","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":17,"category":"Streaming"}} 
00598{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":1723,"source":"cfgs\/default\/pcap\/1kxun.pcap","alias":"nDPId-test","packets-captured":1723,"packets-processed":1723,"total-skipped-flows":0,"total-l4-payload-len":2427316,"total-not-detected-flows":14,"total-guessed-flows":6,"total-detected-flows":177,"total-detection-updates":14,"total-updates":38,"current-active-flows":0,"total-active-flows":197,"total-idle-flows":197,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":1284,"global_ts_usec":1654385236487007} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ @@ -1290,9 +1290,9 @@ ~~ total active/idle flows...: 197/197 ~~ total timeout flows.......: 20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 8163038 bytes -~~ total memory freed........: 8163038 bytes -~~ total allocations/frees...: 147022/147022 +~~ total memory allocated....: 8207276 bytes +~~ total memory freed........: 8207276 bytes +~~ total allocations/frees...: 147869/147869 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 511 chars ~~ json string max len.......: 9026 chars |