diff options
| author | lns <matzeton@googlemail.com> | 2023-05-26 11:17:38 +0200 |
|---|---|---|
| committer | lns <matzeton@googlemail.com> | 2023-05-26 11:17:38 +0200 |
| commit | 8a936a507271b727f7b0907a20fbddbe85bb725e (patch) | |
| tree | fc5d940c747ea965884e60275eafda32ae5823b5 /test/results/default/gnutella.pcap.out | |
| parent | c9514136b7c4246a57b85474d1a8e376a9009d4a (diff) | |
Fixed integer overflow for tcp timeout (>INT_MAX).
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/gnutella.pcap.out')
| -rw-r--r-- | test/results/default/gnutella.pcap.out | 1928 |
1 files changed, 964 insertions, 964 deletions
diff --git a/test/results/default/gnutella.pcap.out b/test/results/default/gnutella.pcap.out index b72650bdd..3b6066f1d 100644 --- a/test/results/default/gnutella.pcap.out +++ b/test/results/default/gnutella.pcap.out @@ -1,4 +1,4 @@ -00509{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":3265032704,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} +00509{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0} 00269{"error_event_id":4,"error_event_name":"Packet too short","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":22,"packet_id":1,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","size":4,"expected":14,"global_ts_usec":22} 00278{"packet_event_id":1,"packet_event_name":"packet","packet_id":1,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":4,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"thread_ts_usec":22,"pkt":"AAAAAA=="} 00704{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752391,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5} @@ -145,92 +145,92 @@ 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61470563,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUAAAIARoX4KAAIPCgACAuEUFOcACvHNAAA="} 01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61974633,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XhVAAIAGAIEKAAIPUIw\/k8QOc2l5awyyAAAAAIAC+vAaXAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":61974915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":1,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":61974915,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61974915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0N+lAAIAGQ8EKAAIPzyaj5MQPGnrqoUd3AAAAAIAC+vDkYgAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":61975137,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61975137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":61975137,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61975137,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uv9AAIAGr1wKAAIPLUFXGMQQP0mE8cSsAAAAAIAC+vCWvwAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":61975321,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61975321,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":1,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":61975321,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61975321,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RCxAAIAGHSsKAAIPWUs0E8QRs7p3YZmDAAAAAIAC+vBSAQAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61975786,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_packet_id":1,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61975786,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uHJAAIAGlxEKAAIPXJhCmcQSqvtQr5pUAAAAAIAC+vBuzQAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61977895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61977895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c7hAAIAGSJYKAAIPop2PycQTdELYuuv1AAAAAIAC+vA4owAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61974633,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XhVAAIAGAIEKAAIPUIw\/k8QOc2l5awyyAAAAAIAC+vAaXAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":61974915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":1,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":61974915,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61974915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0N+lAAIAGQ8EKAAIPzyaj5MQPGnrqoUd3AAAAAIAC+vDkYgAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":61975137,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61975137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":161,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":61975137,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61975137,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uv9AAIAGr1wKAAIPLUFXGMQQP0mE8cSsAAAAAIAC+vCWvwAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":61975321,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61975321,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":162,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":1,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":61975321,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61975321,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RCxAAIAGHSsKAAIPWUs0E8QRs7p3YZmDAAAAAIAC+vBSAQAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61975786,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":163,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_packet_id":1,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61975786,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uHJAAIAGlxEKAAIPXJhCmcQSqvtQr5pUAAAAAIAC+vBuzQAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61977895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61977895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c7hAAIAGSJYKAAIPop2PycQTdELYuuv1AAAAAIAC+vA4owAAAgQFtAEDAwgBAQQC"} 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61999388,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUEAAIARoX0KAAIPCgACAuEVFOcACvHMAAA="} 01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":2,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":62017825,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62017825,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoIAAEAG5+ItQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":2,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":62020527,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62020527,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoMAAEAG3txZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":62023491,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62023491,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoQAAEAG3BpQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":2,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":62081955,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62081955,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoUAAEAG+S3PJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63000408,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63000408,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63000408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63000408,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63000408,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LR1AAIAG4GIKAAIP2voGO8QUMQyspeBzAAAAAIAC+vAEoQAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63001005,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63001005,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63001005,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":1,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63001005,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63001005,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TE9AAIAGHHcKAAIPdqgPR8QVD1shnh\/ZAAAAAIAC+vDNOQAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63001498,"flow_src_last_pkt_time":63001498,"flow_dst_last_pkt_time":63001498,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63001498,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":1,"flow_src_last_pkt_time":63001498,"flow_dst_last_pkt_time":63001498,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63001498,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1pAAIAGzIUKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63001980,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63001980,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63001980,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":1,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63001980,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63001980,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uwRAAIAG0AgKAAIPL5M0FcQXj3g4QcNOAAAAAIAC+vC1SAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":63002411,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63002411,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":63002411,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63002411,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xtpAAIAGndkKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":63002631,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63002631,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":63002631,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63002631,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IqxAAIAGH9YKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":2,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":62017825,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62017825,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoIAAEAG5+ItQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":2,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":62020527,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62020527,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoMAAEAG3txZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":62023491,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62023491,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoQAAEAG3BpQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":169,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":2,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":62081955,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62081955,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoUAAEAG+S3PJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63000408,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63000408,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63000408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63000408,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63000408,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LR1AAIAG4GIKAAIP2voGO8QUMQyspeBzAAAAAIAC+vAEoQAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63001005,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63001005,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63001005,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":1,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63001005,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63001005,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TE9AAIAGHHcKAAIPdqgPR8QVD1shnh\/ZAAAAAIAC+vDNOQAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63001498,"flow_src_last_pkt_time":63001498,"flow_dst_last_pkt_time":63001498,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63001498,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":172,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":1,"flow_src_last_pkt_time":63001498,"flow_dst_last_pkt_time":63001498,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63001498,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1pAAIAGzIUKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63001980,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63001980,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63001980,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":1,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63001980,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63001980,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uwRAAIAG0AgKAAIPL5M0FcQXj3g4QcNOAAAAAIAC+vC1SAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":63002411,"flow_dst_last_pkt_time":63002411,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63002411,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":174,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":63002411,"flow_dst_last_pkt_time":63002411,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63002411,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xtpAAIAGndkKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":63002631,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63002631,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":63002631,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63002631,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IqxAAIAGH9YKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":1,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":63029620,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUIAAIARoXwKAAIPCgACAuEWFOcACvHLAAA="} 01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":2,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63233986,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoYAAEAGCJAvkzQVCgACD494xBcAY5wBOEHDT2AS\/\/882gAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":63234208,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63234208,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouwVAAIAG0BMKAAIPL5M0FcQXj3g4QcNPAGOcAlAQ+vBZpgAA"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":2,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63250328,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAocAAEAGiwHa+gY7CgACDzEMxBQAZJYBrKXgdGAS\/\/+SMQAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":3,"flow_src_last_pkt_time":63250533,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63250533,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoLR5AAIAG4G0KAAIP2voGO8QUMQyspeB0AGSWAlAQ+vCu\/QAA"} -01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":4,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":63261281,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+uwZAAIAGzbwKAAIPL5M0FcQXj3g4QcNPAGOcAlAY+vDqwQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0Ny4xNDcuNTIuMjENClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001980,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261281,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":4,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":63261329,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+LR9AAIAG3hYKAAIP2voGO8QUMQyspeB0AGSWAlAY+vBKCgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMTguMjUwLjYuNTkNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63000408,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261329,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":183,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":5,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63261412,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63261412,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAogAAEAGCJIvkzQVCgACD494xBcAY5wCOEHFpVAQ\/\/9SQQAA"} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":184,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":5,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63261441,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63261441,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAokAAEAGiwPa+gY7CgACDzEMxBQAZJYCrKXiylAQ\/\/+nmAAA"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":185,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63297683,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAooAAEAG5kR2qA9HCgACDw9bxBUAZZABIZ4f2mAS\/\/9gyQAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":3,"flow_src_last_pkt_time":63297867,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63297867,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoTFBAAIAGHIIKAAIPdqgPR8QVD1shnh\/aAGWQAlAQ+vB9lQAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":4,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":63309570,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/TFFAAIAGGioKAAIPdqgPR8QVD1shnh\/aAGWQAlAY+vDsmwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMTguMTY4LjE1LjcxDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001005,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63309570,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":5,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63309750,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63309750,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAosAAEAG5kd2qA9HCgACDw9bxBUAZZACIZ4iMVAQ\/\/92LwAA"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64030714,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64030714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64030714,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":1,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64030714,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64030714,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZhAAIAG6a4KAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64031460,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64031460,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64031460,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":1,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64031460,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64031460,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cDRAAIAGoD8KAAIPPd6gY8QbSjIrqiNHAAAAAIAC+vAskAAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":64032037,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64032037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":1,"flow_src_last_pkt_time":64032037,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64032037,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FX9AAIAGQkwKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":64032422,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64032422,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":1,"flow_src_last_pkt_time":64032422,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64032422,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTBAAIAGk6sKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64032727,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64032727,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64032727,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":1,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64032727,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64032727,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0yBFAAIAG2fkKAAIPr7Wc9MQeID9tpdrVAAAAAIAC+vDujQAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":64033019,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64033019,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":1,"flow_src_last_pkt_time":64033019,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64033019,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpNAAIAGVgcKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":2,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64213365,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64213365,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApQAAP8Gwb497q2ACgACD+EwxBoAAAAAK91tIlAUAAB6CAAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":210,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":2,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":64275826,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsApUAAEAGjec93qBjCgACD0oyxBsAZ4QBK6ojSGAS\/\/\/MHQAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":3,"flow_src_last_pkt_time":64276185,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64276185,"pkt":"UlQAEjUCCAAn5uVZCABFAAAocDVAAIAGoEoKAAIPPd6gY8QbSjIrqiNIAGeEAlAQ+vDo6QAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":4,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":64276339,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/cDZAAIAGnfIKAAIPPd6gY8QbSjIrqiNIAGeEAlAY+vBX8QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA2MS4yMjIuMTYwLjk5DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64031460,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64276339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":5,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64276411,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64276411,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApYAAEAGjeo93qBjCgACD0oyxBsAZ4QCK6oln1AQ\/\/\/hgwAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":2,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":64291117,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsApcAAEAGH32vtZz0CgACDyA\/xB4AaH4BbaXa1mAS\/\/+UGgAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":3,"flow_src_last_pkt_time":64291318,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64291318,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoyBJAAIAG2gQKAAIPr7Wc9MQeID9tpdrWAGh+AlAQ+vCw5gAA"} -00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":4,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":358,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":358,"pkt_l4_len":324,"thread_ts_usec":64291511,"pkt":"UlQAEjUCCAAn5uVZCABFAAFYyBNAAIAG2NMKAAIPr7Wc9MQeID9tpdrWAGh+AlAY+vC9zgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDE3NS4xODEuMTU2LjI0NA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkJ5ZS1QYWNrZXQ6IDAuMQ0KQWNjZXB0OiBhcHBsaWNhdGlvbi94LWdudXRlbGxhMg0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtSHViOiBGYWxzZQ0KWC1IdWItTmVlZGVkOiBUcnVlDQoNCg=="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64032727,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64291511,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":5,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291584,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64291584,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApgAAEAGH4CvtZz0CgACDyA\/xB4AaH4CbaXcBlAQ\/\/+qpwAA"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":3,"flow_src_last_pkt_time":64717165,"flow_dst_last_pkt_time":64213365,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64717165,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZlAAIAG6a0KAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":4,"flow_src_last_pkt_time":64717165,"flow_dst_last_pkt_time":64900515,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64900515,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAp4AAP8GwbQ97q2ACgACD+EwxBoAAAAAK91tIlAUAAB6CAAA"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":65061127,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65061127,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":1,"flow_src_last_pkt_time":65061127,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65061127,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q8tAAIAGVuYKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":65061649,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65061649,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":1,"flow_src_last_pkt_time":65061649,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65061649,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02YBAAIAG1DkKAAIPcfzO\/sQhwbNg4z+5AAAAAIAC+vAApAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":65062149,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65062149,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":1,"flow_src_last_pkt_time":65062149,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65062149,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pW5AAIAGEbcKAAIPJOoSpsQi79zHbZnNAAAAAIAC+vAbRgAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65062594,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65062594,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65062594,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":1,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65062594,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65062594,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SFBAAIAGjWIKAAIPDscKPMQjW6L9nzYkAAAAAIAC+vD7gwAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":65062972,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65062972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":1,"flow_src_last_pkt_time":65062972,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65062972,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NVpAAIAG3iEKAAIPXxF8KMQkGnhkTfi6AAAAAIAC+vBRMgAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":65063303,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65063303,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":65063303,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65063303,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWpAAIAG8s4KAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":2,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63233986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63233986,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoYAAEAGCJAvkzQVCgACD494xBcAY5wBOEHDT2AS\/\/882gAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":63234208,"flow_dst_last_pkt_time":63233986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63234208,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouwVAAIAG0BMKAAIPL5M0FcQXj3g4QcNPAGOcAlAQ+vBZpgAA"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":2,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63250328,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63250328,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAocAAEAGiwHa+gY7CgACDzEMxBQAZJYBrKXgdGAS\/\/+SMQAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":180,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":3,"flow_src_last_pkt_time":63250533,"flow_dst_last_pkt_time":63250328,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63250533,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoLR5AAIAG4G0KAAIP2voGO8QUMQyspeB0AGSWAlAQ+vCu\/QAA"} +01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":4,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63233986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":63261281,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+uwZAAIAGzbwKAAIPL5M0FcQXj3g4QcNPAGOcAlAY+vDqwQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0Ny4xNDcuNTIuMjENClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001980,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63233986,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261281,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":4,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63250328,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":63261329,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+LR9AAIAG3hYKAAIP2voGO8QUMQyspeB0AGSWAlAY+vBKCgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMTguMjUwLjYuNTkNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":182,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63000408,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63250328,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261329,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":183,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":5,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63261412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63261412,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAogAAEAGCJIvkzQVCgACD494xBcAY5wCOEHFpVAQ\/\/9SQQAA"} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":184,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":5,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63261441,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63261441,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAokAAEAGiwPa+gY7CgACDzEMxBQAZJYCrKXiylAQ\/\/+nmAAA"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":185,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63297683,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63297683,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAooAAEAG5kR2qA9HCgACDw9bxBUAZZABIZ4f2mAS\/\/9gyQAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":186,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":3,"flow_src_last_pkt_time":63297867,"flow_dst_last_pkt_time":63297683,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63297867,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoTFBAAIAGHIIKAAIPdqgPR8QVD1shnh\/aAGWQAlAQ+vB9lQAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":4,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63297683,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":63309570,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/TFFAAIAGGioKAAIPdqgPR8QVD1shnh\/aAGWQAlAY+vDsmwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMTguMTY4LjE1LjcxDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":187,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001005,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63297683,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63309570,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":188,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":5,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63309750,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63309750,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAosAAEAG5kd2qA9HCgACDw9bxBUAZZACIZ4iMVAQ\/\/92LwAA"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64030714,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64030714,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64030714,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":203,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":1,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64030714,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64030714,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZhAAIAG6a4KAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64031460,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64031460,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64031460,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":1,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64031460,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64031460,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cDRAAIAGoD8KAAIPPd6gY8QbSjIrqiNHAAAAAIAC+vAskAAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":64032037,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64032037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":1,"flow_src_last_pkt_time":64032037,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64032037,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FX9AAIAGQkwKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":64032422,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64032422,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":1,"flow_src_last_pkt_time":64032422,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64032422,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTBAAIAGk6sKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64032727,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64032727,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64032727,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":1,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64032727,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64032727,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0yBFAAIAG2fkKAAIPr7Wc9MQeID9tpdrVAAAAAIAC+vDujQAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":64033019,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64033019,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":1,"flow_src_last_pkt_time":64033019,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64033019,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpNAAIAGVgcKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":209,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":2,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64213365,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64213365,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApQAAP8Gwb497q2ACgACD+EwxBoAAAAAK91tIlAUAAB6CAAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":210,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":2,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64275826,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":64275826,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsApUAAEAGjec93qBjCgACD0oyxBsAZ4QBK6ojSGAS\/\/\/MHQAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":211,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":3,"flow_src_last_pkt_time":64276185,"flow_dst_last_pkt_time":64275826,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64276185,"pkt":"UlQAEjUCCAAn5uVZCABFAAAocDVAAIAGoEoKAAIPPd6gY8QbSjIrqiNIAGeEAlAQ+vDo6QAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":4,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64275826,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":64276339,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/cDZAAIAGnfIKAAIPPd6gY8QbSjIrqiNIAGeEAlAY+vBX8QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA2MS4yMjIuMTYwLjk5DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":212,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64031460,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64275826,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64276339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":213,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":5,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64276411,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64276411,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApYAAEAGjeo93qBjCgACD0oyxBsAZ4QCK6oln1AQ\/\/\/hgwAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":214,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":2,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64291117,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":64291117,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsApcAAEAGH32vtZz0CgACDyA\/xB4AaH4BbaXa1mAS\/\/+UGgAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":215,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":3,"flow_src_last_pkt_time":64291318,"flow_dst_last_pkt_time":64291117,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64291318,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoyBJAAIAG2gQKAAIPr7Wc9MQeID9tpdrWAGh+AlAQ+vCw5gAA"} +00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":4,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291117,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":358,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":358,"pkt_l4_len":324,"thread_ts_usec":64291511,"pkt":"UlQAEjUCCAAn5uVZCABFAAFYyBNAAIAG2NMKAAIPr7Wc9MQeID9tpdrWAGh+AlAY+vC9zgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDE3NS4xODEuMTU2LjI0NA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkJ5ZS1QYWNrZXQ6IDAuMQ0KQWNjZXB0OiBhcHBsaWNhdGlvbi94LWdudXRlbGxhMg0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtSHViOiBGYWxzZQ0KWC1IdWItTmVlZGVkOiBUcnVlDQoNCg=="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":216,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64032727,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291117,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64291511,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":217,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":5,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291584,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64291584,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApgAAEAGH4CvtZz0CgACDyA\/xB4AaH4CbaXcBlAQ\/\/+qpwAA"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":227,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":3,"flow_src_last_pkt_time":64717165,"flow_dst_last_pkt_time":64213365,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64717165,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZlAAIAG6a0KAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":4,"flow_src_last_pkt_time":64717165,"flow_dst_last_pkt_time":64900515,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64900515,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAp4AAP8GwbQ97q2ACgACD+EwxBoAAAAAK91tIlAUAAB6CAAA"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":65061127,"flow_dst_last_pkt_time":65061127,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65061127,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":1,"flow_src_last_pkt_time":65061127,"flow_dst_last_pkt_time":65061127,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65061127,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q8tAAIAGVuYKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":65061649,"flow_dst_last_pkt_time":65061649,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65061649,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":1,"flow_src_last_pkt_time":65061649,"flow_dst_last_pkt_time":65061649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65061649,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02YBAAIAG1DkKAAIPcfzO\/sQhwbNg4z+5AAAAAIAC+vAApAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":65062149,"flow_dst_last_pkt_time":65062149,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65062149,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":1,"flow_src_last_pkt_time":65062149,"flow_dst_last_pkt_time":65062149,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65062149,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pW5AAIAGEbcKAAIPJOoSpsQi79zHbZnNAAAAAIAC+vAbRgAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65062594,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65062594,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65062594,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":1,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65062594,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65062594,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SFBAAIAGjWIKAAIPDscKPMQjW6L9nzYkAAAAAIAC+vD7gwAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":65062972,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65062972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":1,"flow_src_last_pkt_time":65062972,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65062972,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NVpAAIAG3iEKAAIPXxF8KMQkGnhkTfi6AAAAAIAC+vBRMgAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":65063303,"flow_dst_last_pkt_time":65063303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65063303,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":65063303,"flow_dst_last_pkt_time":65063303,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65063303,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWpAAIAG8s4KAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":182,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":182,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65065554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00739{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":1,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":224,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":224,"pkt_l4_len":190,"thread_ts_usec":65065554,"pkt":"AQBef\/\/6CAAn5uVZCABFAADS4KkAAAER3GgKAAIP7\/\/\/+uEXB2wAvizBTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6ZGV2aWNlOkludGVybmV0R2F0ZXdheURldmljZToyDQpNWDogMw0KDQo="} 00932{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":182,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":182,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65065554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} @@ -238,129 +238,129 @@ 00731{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":237,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":3,"flow_src_last_pkt_time":65065666,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":219,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":219,"pkt_l4_len":185,"thread_ts_usec":65065666,"pkt":"AQBef\/\/6CAAn5uVZCABFAADN4KsAAAER3GsKAAIP7\/\/\/+uEXB2wAuZDETS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5JUENvbm5lY3Rpb246Mg0KTVg6IDMNCg0K"} 00731{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":238,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":4,"flow_src_last_pkt_time":65065711,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":219,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":219,"pkt_l4_len":185,"thread_ts_usec":65065711,"pkt":"AQBef\/\/6CAAn5uVZCABFAADN4KwAAAER3GoKAAIP7\/\/\/+uEXB2wAuZDFTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5JUENvbm5lY3Rpb246MQ0KTVg6IDMNCg0K"} 00735{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":239,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":5,"flow_src_last_pkt_time":65065757,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":220,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":220,"pkt_l4_len":186,"thread_ts_usec":65065757,"pkt":"AQBef\/\/6CAAn5uVZCABFAADO4K0AAAER3GgKAAIP7\/\/\/+uEXB2wAumOZTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5QUFBDb25uZWN0aW9uOjENCk1YOiAzDQoNCg=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":2,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":65240540,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAp8AAEAGUxwOxwo8CgACD1uixCMAa2wB\/Z82JWAS\/\/+zDQAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":3,"flow_src_last_pkt_time":65241148,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":65241148,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoSFFAAIAGjW0KAAIPDscKPMQjW6L9nzYlAGtsAlAQ+vDP2QAA"} -01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":4,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":65241442,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+SFJAAIAGixYKAAIPDscKPMQjW6L9nzYlAGtsAlAY+vBm8QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNC4xOTkuMTAuNjANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":65062594,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65241442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":5,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65241604,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":65241604,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqAAAEAGUx8Oxwo8CgACD1uixCMAa2wC\/Z84e1AQ\/\/\/IdAAA"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":245,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":5,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":64900515,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65404055,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZpAAIAG6awKAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":2,"flow_src_last_pkt_time":66017540,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017540,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xttAAIAGndgKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":2,"flow_src_last_pkt_time":66017697,"flow_dst_last_pkt_time":63001498,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017697,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1tAAIAGzIQKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":2,"flow_src_last_pkt_time":66017738,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017738,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iq1AAIAGH9UKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":66076724,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66076724,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":1,"flow_src_last_pkt_time":66076724,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66076724,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FTdAAIAG3SoKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":66077295,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66077295,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":1,"flow_src_last_pkt_time":66077295,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66077295,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0CoxAAIAGJkgKAAIPfPRA7cQnEmB1c07JAAAAAIAC+vAPawAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":66077768,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66077768,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":1,"flow_src_last_pkt_time":66077768,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66077768,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdlAAIAGUVwKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":66078256,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66078256,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":1,"flow_src_last_pkt_time":66078256,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66078256,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8JAAIAGrlQKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":66078714,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66078714,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":1,"flow_src_last_pkt_time":66078714,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66078714,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EU5AAIAGi6EKAAIPWmf3XsQq5qXgntCpAAAAAIAC+vC6MQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":66079236,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66079236,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":1,"flow_src_last_pkt_time":66079236,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66079236,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gY5AAIAGBqEKAAIPwXmlDMQr2FBBRhZnAAAAAIAC+vANYQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":2,"flow_src_last_pkt_time":67044026,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67044026,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpRAAIAGVgYKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":2,"flow_src_last_pkt_time":67044026,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67044026,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FYBAAIAGQksKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":2,"flow_src_last_pkt_time":67044026,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67044026,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTFAAIAGk6oKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67092791,"flow_src_last_pkt_time":67092791,"flow_dst_last_pkt_time":67092791,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67092791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":1,"flow_src_last_pkt_time":67092791,"flow_dst_last_pkt_time":67092791,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67092791,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7lAAIAGcTAKAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":67093324,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67093324,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":1,"flow_src_last_pkt_time":67093324,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67093324,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faFAAIAGiKYKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67093789,"flow_src_last_pkt_time":67093789,"flow_dst_last_pkt_time":67093789,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67093789,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":1,"flow_src_last_pkt_time":67093789,"flow_dst_last_pkt_time":67093789,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67093789,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TEpAAIAGm28KAAIPdw6P7cQuGXtEBOluAAAAAIAC+vBV+AAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":67094277,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67094277,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":1,"flow_src_last_pkt_time":67094277,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67094277,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R0xAAIAGN+UKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":67094863,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67094863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":1,"flow_src_last_pkt_time":67094863,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67094863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtBAAIAGDgcKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":67095290,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67095290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":1,"flow_src_last_pkt_time":67095290,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67095290,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+zZAAIAGNBkKAAIPbdJRk8QxYOCX52ZFAAAAAIAC+vCFbAAAAgQFtAEDAwgBAQQC"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":2,"flow_src_last_pkt_time":67093789,"flow_dst_last_pkt_time":67457084,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":67457084,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqUAAP8GpiB3Do\/tCgACDxl7xC4AAAAARATpb1AUAACRqAAA"} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":271,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":2,"flow_src_last_pkt_time":67092791,"flow_dst_last_pkt_time":67657380,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":67657380,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqYAAP8Gw08k6cTiCgACDw7sxCwAAAAAEwSaoFAUAAA5OQAA"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":3,"flow_src_last_pkt_time":67969708,"flow_dst_last_pkt_time":67457084,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67969708,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TEtAAIAGm24KAAIPdw6P7cQuGXtEBOluAAAAAIAC+vBV+AAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":2,"flow_src_last_pkt_time":68075213,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075213,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWtAAIAG8s0KAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":2,"flow_src_last_pkt_time":68075314,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075314,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q8xAAIAGVuUKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":2,"flow_src_last_pkt_time":68075363,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075363,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pW9AAIAGEbYKAAIPJOoSpsQi79zHbZnNAAAAAIAC+vAbRgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":2,"flow_src_last_pkt_time":68075392,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075392,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NVtAAIAG3iAKAAIPXxF8KMQkGnhkTfi6AAAAAIAC+vBRMgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":2,"flow_src_last_pkt_time":68075415,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075415,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02YFAAIAG1DgKAAIPcfzO\/sQhwbNg4z+5AAAAAIAC+vAApAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68108022,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68108022,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68108022,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":1,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68108022,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68108022,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bmJAAIAGaL8KAAIPdPGiosQyPT31tKkaAAAAAIAC+vCwPQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":68108638,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68108638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":1,"flow_src_last_pkt_time":68108638,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68108638,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4hAAIAGtdgKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68109135,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68109135,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68109135,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":1,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68109135,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68109135,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KIlAAIAGNtsKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":68109715,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68109715,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":1,"flow_src_last_pkt_time":68109715,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68109715,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vGxAAIAGN8kKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":68110208,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68110208,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":1,"flow_src_last_pkt_time":68110208,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68110208,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKBAAIAGOe0KAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":68110677,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68110677,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":1,"flow_src_last_pkt_time":68110677,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68110677,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZlAAIAGsggKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":3,"flow_src_last_pkt_time":68170325,"flow_dst_last_pkt_time":67657380,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68170325,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7pAAIAGcS8KAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":4,"flow_src_last_pkt_time":67969708,"flow_dst_last_pkt_time":68329015,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68329015,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqcAAP8Gph53Do\/tCgACDxl7xC4AAAAARATpb1AUAACRqAAA"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":2,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":68368318,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAqgAAEAGVIJ08aKiCgACDz09xDIAcUgB9bSpG2AS\/\/+LwQAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":3,"flow_src_last_pkt_time":68368739,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68368739,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobmNAAIAGaMoKAAIPdPGiosQyPT31tKkbAHFIAlAQ+vCojQAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":4,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":68372551,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBbmRAAIAGZnAKAAIPdPGiosQyPT31tKkbAHFIAlAY+vDrYwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMTYuMjQxLjE2Mi4xNjINClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":68108022,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68372551,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":5,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68372741,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68372741,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqkAAEAGVIV08aKiCgACDz09xDIAcUgC9bSrdFAQ\/\/+hJQAA"} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":2,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68425030,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68425030,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqoAAP8GHcZv8R9gCgACDzgwxDQAAAAAU1SN+lAUAAA2vQAA"} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":4,"flow_src_last_pkt_time":68170325,"flow_dst_last_pkt_time":68616752,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68616752,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqsAAP8Gw0ok6cTiCgACDw7sxCwAAAAAEwSaoFAUAAA5OQAA"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":297,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":5,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":68329015,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68857088,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TExAAIAGm20KAAIPdw6P7cQuGXtEBOluAAAAAIAC+vBV+AAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":298,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":3,"flow_src_last_pkt_time":68935809,"flow_dst_last_pkt_time":68425030,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68935809,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KIpAAIAGNtoKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":2,"flow_src_last_pkt_time":69076695,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076695,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdpAAIAGUVsKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":2,"flow_src_last_pkt_time":69076754,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076754,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8NAAIAGrlMKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":2,"flow_src_last_pkt_time":69076773,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076773,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FThAAIAG3SkKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":302,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":2,"flow_src_last_pkt_time":69076790,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076790,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EU9AAIAGi6AKAAIPWmf3XsQq5qXgntCpAAAAAIAC+vC6MQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":2,"flow_src_last_pkt_time":69076813,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076813,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Co1AAIAGJkcKAAIPfPRA7cQnEmB1c07JAAAAAIAC+vAPawAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":2,"flow_src_last_pkt_time":69092897,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69092897,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gY9AAIAGBqAKAAIPwXmlDMQr2FBBRhZnAAAAAIAC+vANYQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":5,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":68616752,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69124029,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7tAAIAGcS4KAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69141177,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69141177,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69141177,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":1,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69141177,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69141177,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LcBAAIAGF3gKAAIPtpvy4cQ4Otw6vMh+AAAAAIAC+vC8QwAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":69141655,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69141655,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":1,"flow_src_last_pkt_time":69141655,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69141655,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LRAAIAGCWgKAAIPAaMO9sQ5MjZr2Fv\/AAAAAIAC+vCZMAAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":69142033,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142033,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":1,"flow_src_last_pkt_time":69142033,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142033,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VPxAAIAGOusKAAIPQr0cEcQ6P42S8gLxAAAAAIAC+vBvlwAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142400,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69142400,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142400,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":1,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69142400,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142400,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AgNAAIAGSRQKAAIPLVh2RsQ7GvpGaqL3AAAAAIAC+vD72gAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142619,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69142619,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142619,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":1,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69142619,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142619,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Z6pAAIAGohwKAAIPXR2H0cQ8GMo64wwuAAAAAIAC+vBfCgAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":69142856,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":1,"flow_src_last_pkt_time":69142856,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142856,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lydAAIAGNGMKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":2,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69169021,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAq8AAEAGhyBdHYfRCgACDxjKxDwAczwBOuMML2AS\/\/9GjAAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":3,"flow_src_last_pkt_time":69169240,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69169240,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoZ6tAAIAGoicKAAIPXR2H0cQ8GMo64wwvAHM8AlAQ+vBjWAAA"} -00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":4,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":356,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":356,"pkt_l4_len":322,"thread_ts_usec":69174200,"pkt":"UlQAEjUCCAAn5uVZCABFAAFWZ6xAAIAGoPgKAAIPXR2H0cQ8GMo64wwvAHM8AlAY+vCUgAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDkzLjI5LjEzNS4yMDkNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpCeWUtUGFja2V0OiAwLjENCkFjY2VwdDogYXBwbGljYXRpb24veC1nbnV0ZWxsYTINCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLUh1YjogRmFsc2UNClgtSHViLU5lZWRlZDogVHJ1ZQ0KDQo="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142619,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69174200,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":5,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69174331,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69174331,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoArAAAEAGhyNdHYfRCgACDxjKxDwAczwCOuMNXVAQ\/\/9dGwAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":2,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69182147,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArEAAEAGyG4tWHZGCgACDxr6xDsAdDYBRmqi+GAS\/\/\/pWwAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":3,"flow_src_last_pkt_time":69182344,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69182344,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoAgRAAIAGSR8KAAIPLVh2RsQ7GvpGaqL4AHQ2AlAQ+vAGKAAA"} -01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":4,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":69182494,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+AgVAAIAGRsgKAAIPLVh2RsQ7GvpGaqL4AHQ2AlAY+vCgMQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0NS44OC4xMTguNzANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142400,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69182494,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":5,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182600,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69182600,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoArIAAEAGyHEtWHZGCgACDxr6xDsAdDYCRmqlTlAQ\/\/\/+wgAA"} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":4,"flow_src_last_pkt_time":68935809,"flow_dst_last_pkt_time":69232563,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69232563,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoArcAAP8GHblv8R9gCgACDzgwxDQAAAAAU1SN+lAUAAA2vQAA"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":3,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":69360165,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360165,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArgAAEAG3qdZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":3,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":69360270,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360270,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArkAAEAG56stQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":3,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":69360303,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360303,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAroAAEAG+PjPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":3,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":69360329,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360329,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArsAAEAG2+NQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":2,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360359,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArwAAEAGwoS2m\/LhCgACDzrcxDgAdioBOrzIf2AS\/\/+1wgAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":3,"flow_src_last_pkt_time":69360759,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69360759,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoLcFAAIAGF4MKAAIPtpvy4cQ4Otw6vMh\/AHYqAlAQ+vDSjgAA"} -01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":4,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":69361087,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBLcJAAIAGFSkKAAIPtpvy4cQ4Otw6vMh\/AHYqAlAY+vATYQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODIuMTU1LjI0Mi4yMjUNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69141177,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69361087,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":5,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69361312,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69361312,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAr0AAEAGwoe2m\/LhCgACDzrcxDgAdioCOrzK2FAQ\/\/\/LJgAA"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":5,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":69232563,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69747482,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KItAAIAGNtkKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":2,"flow_src_last_pkt_time":70110432,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110432,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtFAAIAGDgYKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":2,"flow_src_last_pkt_time":70110576,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110576,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faJAAIAGiKUKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":2,"flow_src_last_pkt_time":70110619,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110619,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R01AAIAGN+QKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":2,"flow_src_last_pkt_time":70110654,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110654,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+zdAAIAGNBgKAAIPbdJRk8QxYOCX52ZFAAAAAIAC+vCFbAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":70170653,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70170653,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":1,"flow_src_last_pkt_time":70170653,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70170653,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KcZAAIAGHhgKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":70171206,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70171206,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":1,"flow_src_last_pkt_time":70171206,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70171206,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kJAAIAGdAcKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":70171598,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70171598,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":1,"flow_src_last_pkt_time":70171598,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70171598,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rm9AAIAGeMEKAAIPJO0KmMRAUy2fhJtvAAAAAIAC+vDmKQAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":70171959,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70171959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":1,"flow_src_last_pkt_time":70171959,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70171959,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0A95AAIAG2\/QKAAIPYhKs0MRB9sQLj4LfAAAAAIAC+vAPuQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":70172361,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70172361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":1,"flow_src_last_pkt_time":70172361,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70172361,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LJpAAIAGiMUKAAIPbdLLg8RCGMrxPNpbAAAAAIAC+vCGFQAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":70172719,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70172719,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":1,"flow_src_last_pkt_time":70172719,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70172719,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UWtAAIAGasMKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":241,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":2,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65240540,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":65240540,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAp8AAEAGUxwOxwo8CgACD1uixCMAa2wB\/Z82JWAS\/\/+zDQAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":242,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":3,"flow_src_last_pkt_time":65241148,"flow_dst_last_pkt_time":65240540,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":65241148,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoSFFAAIAGjW0KAAIPDscKPMQjW6L9nzYlAGtsAlAQ+vDP2QAA"} +01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":4,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65240540,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":65241442,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+SFJAAIAGixYKAAIPDscKPMQjW6L9nzYlAGtsAlAY+vBm8QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNC4xOTkuMTAuNjANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":243,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":65062594,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65240540,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65241442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":244,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":5,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65241604,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":65241604,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqAAAEAGUx8Oxwo8CgACD1uixCMAa2wC\/Z84e1AQ\/\/\/IdAAA"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":245,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":5,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":64900515,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65404055,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZpAAIAG6awKAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":252,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":2,"flow_src_last_pkt_time":66017540,"flow_dst_last_pkt_time":63002411,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017540,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xttAAIAGndgKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":253,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":2,"flow_src_last_pkt_time":66017697,"flow_dst_last_pkt_time":63001498,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017697,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1tAAIAGzIQKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":254,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":2,"flow_src_last_pkt_time":66017738,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017738,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iq1AAIAGH9UKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":66076724,"flow_dst_last_pkt_time":66076724,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66076724,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":1,"flow_src_last_pkt_time":66076724,"flow_dst_last_pkt_time":66076724,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66076724,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FTdAAIAG3SoKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":66077295,"flow_dst_last_pkt_time":66077295,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66077295,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":1,"flow_src_last_pkt_time":66077295,"flow_dst_last_pkt_time":66077295,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66077295,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0CoxAAIAGJkgKAAIPfPRA7cQnEmB1c07JAAAAAIAC+vAPawAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":66077768,"flow_dst_last_pkt_time":66077768,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66077768,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":1,"flow_src_last_pkt_time":66077768,"flow_dst_last_pkt_time":66077768,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66077768,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdlAAIAGUVwKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":66078256,"flow_dst_last_pkt_time":66078256,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66078256,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":1,"flow_src_last_pkt_time":66078256,"flow_dst_last_pkt_time":66078256,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66078256,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8JAAIAGrlQKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":66078714,"flow_dst_last_pkt_time":66078714,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66078714,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":1,"flow_src_last_pkt_time":66078714,"flow_dst_last_pkt_time":66078714,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66078714,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EU5AAIAGi6EKAAIPWmf3XsQq5qXgntCpAAAAAIAC+vC6MQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":66079236,"flow_dst_last_pkt_time":66079236,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":66079236,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":1,"flow_src_last_pkt_time":66079236,"flow_dst_last_pkt_time":66079236,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66079236,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gY5AAIAGBqEKAAIPwXmlDMQr2FBBRhZnAAAAAIAC+vANYQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":2,"flow_src_last_pkt_time":67044026,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67044026,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpRAAIAGVgYKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":262,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":2,"flow_src_last_pkt_time":67044026,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67044026,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FYBAAIAGQksKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":2,"flow_src_last_pkt_time":67044026,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67044026,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTFAAIAGk6oKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67092791,"flow_src_last_pkt_time":67092791,"flow_dst_last_pkt_time":67092791,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67092791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":264,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":1,"flow_src_last_pkt_time":67092791,"flow_dst_last_pkt_time":67092791,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67092791,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7lAAIAGcTAKAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":67093324,"flow_dst_last_pkt_time":67093324,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67093324,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":1,"flow_src_last_pkt_time":67093324,"flow_dst_last_pkt_time":67093324,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67093324,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faFAAIAGiKYKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67093789,"flow_src_last_pkt_time":67093789,"flow_dst_last_pkt_time":67093789,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67093789,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":1,"flow_src_last_pkt_time":67093789,"flow_dst_last_pkt_time":67093789,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67093789,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TEpAAIAGm28KAAIPdw6P7cQuGXtEBOluAAAAAIAC+vBV+AAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":67094277,"flow_dst_last_pkt_time":67094277,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67094277,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":1,"flow_src_last_pkt_time":67094277,"flow_dst_last_pkt_time":67094277,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67094277,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R0xAAIAGN+UKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":67094863,"flow_dst_last_pkt_time":67094863,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67094863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":268,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":1,"flow_src_last_pkt_time":67094863,"flow_dst_last_pkt_time":67094863,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67094863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtBAAIAGDgcKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":67095290,"flow_dst_last_pkt_time":67095290,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":67095290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":269,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":1,"flow_src_last_pkt_time":67095290,"flow_dst_last_pkt_time":67095290,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67095290,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+zZAAIAGNBkKAAIPbdJRk8QxYOCX52ZFAAAAAIAC+vCFbAAAAgQFtAEDAwgBAQQC"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":270,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":2,"flow_src_last_pkt_time":67093789,"flow_dst_last_pkt_time":67457084,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":67457084,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqUAAP8GpiB3Do\/tCgACDxl7xC4AAAAARATpb1AUAACRqAAA"} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":271,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":2,"flow_src_last_pkt_time":67092791,"flow_dst_last_pkt_time":67657380,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":67657380,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqYAAP8Gw08k6cTiCgACDw7sxCwAAAAAEwSaoFAUAAA5OQAA"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":272,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":3,"flow_src_last_pkt_time":67969708,"flow_dst_last_pkt_time":67457084,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":67969708,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TEtAAIAGm24KAAIPdw6P7cQuGXtEBOluAAAAAIAC+vBV+AAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":273,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":2,"flow_src_last_pkt_time":68075213,"flow_dst_last_pkt_time":65063303,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075213,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWtAAIAG8s0KAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":2,"flow_src_last_pkt_time":68075314,"flow_dst_last_pkt_time":65061127,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075314,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q8xAAIAGVuUKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":275,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":2,"flow_src_last_pkt_time":68075363,"flow_dst_last_pkt_time":65062149,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075363,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pW9AAIAGEbYKAAIPJOoSpsQi79zHbZnNAAAAAIAC+vAbRgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":276,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":2,"flow_src_last_pkt_time":68075392,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075392,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NVtAAIAG3iAKAAIPXxF8KMQkGnhkTfi6AAAAAIAC+vBRMgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":277,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":2,"flow_src_last_pkt_time":68075415,"flow_dst_last_pkt_time":65061649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68075415,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02YFAAIAG1DgKAAIPcfzO\/sQhwbNg4z+5AAAAAIAC+vAApAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68108022,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68108022,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68108022,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":1,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68108022,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68108022,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bmJAAIAGaL8KAAIPdPGiosQyPT31tKkaAAAAAIAC+vCwPQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":68108638,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68108638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":1,"flow_src_last_pkt_time":68108638,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68108638,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4hAAIAGtdgKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68109135,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68109135,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68109135,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":1,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68109135,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68109135,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KIlAAIAGNtsKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":68109715,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68109715,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":1,"flow_src_last_pkt_time":68109715,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68109715,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vGxAAIAGN8kKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":68110208,"flow_dst_last_pkt_time":68110208,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68110208,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":1,"flow_src_last_pkt_time":68110208,"flow_dst_last_pkt_time":68110208,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68110208,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKBAAIAGOe0KAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":68110677,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68110677,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":1,"flow_src_last_pkt_time":68110677,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68110677,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZlAAIAGsggKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":3,"flow_src_last_pkt_time":68170325,"flow_dst_last_pkt_time":67657380,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68170325,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7pAAIAGcS8KAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":4,"flow_src_last_pkt_time":67969708,"flow_dst_last_pkt_time":68329015,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68329015,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqcAAP8Gph53Do\/tCgACDxl7xC4AAAAARATpb1AUAACRqAAA"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":2,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68368318,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":68368318,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAqgAAEAGVIJ08aKiCgACDz09xDIAcUgB9bSpG2AS\/\/+LwQAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":3,"flow_src_last_pkt_time":68368739,"flow_dst_last_pkt_time":68368318,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68368739,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobmNAAIAGaMoKAAIPdPGiosQyPT31tKkbAHFIAlAQ+vCojQAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":4,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68368318,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":68372551,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBbmRAAIAGZnAKAAIPdPGiosQyPT31tKkbAHFIAlAY+vDrYwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMTYuMjQxLjE2Mi4xNjINClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":68108022,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68368318,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68372551,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":5,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68372741,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68372741,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqkAAEAGVIV08aKiCgACDz09xDIAcUgC9bSrdFAQ\/\/+hJQAA"} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":2,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68425030,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68425030,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqoAAP8GHcZv8R9gCgACDzgwxDQAAAAAU1SN+lAUAAA2vQAA"} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":4,"flow_src_last_pkt_time":68170325,"flow_dst_last_pkt_time":68616752,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68616752,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqsAAP8Gw0ok6cTiCgACDw7sxCwAAAAAEwSaoFAUAAA5OQAA"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":297,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_packet_id":5,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":68329015,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68857088,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TExAAIAGm20KAAIPdw6P7cQuGXtEBOluAAAAAIAC+vBV+AAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":298,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":3,"flow_src_last_pkt_time":68935809,"flow_dst_last_pkt_time":68425030,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68935809,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KIpAAIAGNtoKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":299,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":2,"flow_src_last_pkt_time":69076695,"flow_dst_last_pkt_time":66077768,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076695,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdpAAIAGUVsKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":300,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":2,"flow_src_last_pkt_time":69076754,"flow_dst_last_pkt_time":66078256,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076754,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8NAAIAGrlMKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":301,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":2,"flow_src_last_pkt_time":69076773,"flow_dst_last_pkt_time":66076724,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076773,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FThAAIAG3SkKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":302,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":2,"flow_src_last_pkt_time":69076790,"flow_dst_last_pkt_time":66078714,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076790,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EU9AAIAGi6AKAAIPWmf3XsQq5qXgntCpAAAAAIAC+vC6MQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":303,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":2,"flow_src_last_pkt_time":69076813,"flow_dst_last_pkt_time":66077295,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076813,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Co1AAIAGJkcKAAIPfPRA7cQnEmB1c07JAAAAAIAC+vAPawAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":304,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":2,"flow_src_last_pkt_time":69092897,"flow_dst_last_pkt_time":66079236,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69092897,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gY9AAIAGBqAKAAIPwXmlDMQr2FBBRhZnAAAAAIAC+vANYQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":305,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":5,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":68616752,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69124029,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7tAAIAGcS4KAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69141177,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69141177,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69141177,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":306,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":1,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69141177,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69141177,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LcBAAIAGF3gKAAIPtpvy4cQ4Otw6vMh+AAAAAIAC+vC8QwAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":69141655,"flow_dst_last_pkt_time":69141655,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69141655,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":307,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":1,"flow_src_last_pkt_time":69141655,"flow_dst_last_pkt_time":69141655,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69141655,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LRAAIAGCWgKAAIPAaMO9sQ5MjZr2Fv\/AAAAAIAC+vCZMAAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":69142033,"flow_dst_last_pkt_time":69142033,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142033,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":308,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":1,"flow_src_last_pkt_time":69142033,"flow_dst_last_pkt_time":69142033,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142033,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VPxAAIAGOusKAAIPQr0cEcQ6P42S8gLxAAAAAIAC+vBvlwAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142400,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69142400,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142400,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":309,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":1,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69142400,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142400,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AgNAAIAGSRQKAAIPLVh2RsQ7GvpGaqL3AAAAAIAC+vD72gAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142619,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69142619,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142619,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":310,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":1,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69142619,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142619,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Z6pAAIAGohwKAAIPXR2H0cQ8GMo64wwuAAAAAIAC+vBfCgAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":69142856,"flow_dst_last_pkt_time":69142856,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69142856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":311,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":1,"flow_src_last_pkt_time":69142856,"flow_dst_last_pkt_time":69142856,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142856,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lydAAIAGNGMKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":312,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":2,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69169021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69169021,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAq8AAEAGhyBdHYfRCgACDxjKxDwAczwBOuMML2AS\/\/9GjAAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":313,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":3,"flow_src_last_pkt_time":69169240,"flow_dst_last_pkt_time":69169021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69169240,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoZ6tAAIAGoicKAAIPXR2H0cQ8GMo64wwvAHM8AlAQ+vBjWAAA"} +00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":4,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69169021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":356,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":356,"pkt_l4_len":322,"thread_ts_usec":69174200,"pkt":"UlQAEjUCCAAn5uVZCABFAAFWZ6xAAIAGoPgKAAIPXR2H0cQ8GMo64wwvAHM8AlAY+vCUgAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDkzLjI5LjEzNS4yMDkNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpCeWUtUGFja2V0OiAwLjENCkFjY2VwdDogYXBwbGljYXRpb24veC1nbnV0ZWxsYTINCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLUh1YjogRmFsc2UNClgtSHViLU5lZWRlZDogVHJ1ZQ0KDQo="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":314,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142619,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69169021,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69174200,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":5,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69174331,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69174331,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoArAAAEAGhyNdHYfRCgACDxjKxDwAczwCOuMNXVAQ\/\/9dGwAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":2,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69182147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69182147,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArEAAEAGyG4tWHZGCgACDxr6xDsAdDYBRmqi+GAS\/\/\/pWwAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":3,"flow_src_last_pkt_time":69182344,"flow_dst_last_pkt_time":69182147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69182344,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoAgRAAIAGSR8KAAIPLVh2RsQ7GvpGaqL4AHQ2AlAQ+vAGKAAA"} +01307{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":4,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182147,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":69182494,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+AgVAAIAGRsgKAAIPLVh2RsQ7GvpGaqL4AHQ2AlAY+vCgMQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0NS44OC4xMTguNzANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142400,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182147,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69182494,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":5,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182600,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69182600,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoArIAAEAGyHEtWHZGCgACDxr6xDsAdDYCRmqlTlAQ\/\/\/+wgAA"} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":4,"flow_src_last_pkt_time":68935809,"flow_dst_last_pkt_time":69232563,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69232563,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoArcAAP8GHblv8R9gCgACDzgwxDQAAAAAU1SN+lAUAAA2vQAA"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":3,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":69360165,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360165,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArgAAEAG3qdZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":3,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":69360270,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360270,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArkAAEAG56stQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":329,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":3,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":69360303,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360303,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAroAAEAG+PjPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":3,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":69360329,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360329,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArsAAEAG2+NQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":331,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":2,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69360359,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360359,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArwAAEAGwoS2m\/LhCgACDzrcxDgAdioBOrzIf2AS\/\/+1wgAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":332,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":3,"flow_src_last_pkt_time":69360759,"flow_dst_last_pkt_time":69360359,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69360759,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoLcFAAIAGF4MKAAIPtpvy4cQ4Otw6vMh\/AHYqAlAQ+vDSjgAA"} +01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":4,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69360359,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":69361087,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBLcJAAIAGFSkKAAIPtpvy4cQ4Otw6vMh\/AHYqAlAY+vATYQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODIuMTU1LjI0Mi4yMjUNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69141177,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69360359,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69361087,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":5,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69361312,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69361312,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAr0AAEAGwoe2m\/LhCgACDzrcxDgAdioCOrzK2FAQ\/\/\/LJgAA"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":5,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":69232563,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69747482,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KItAAIAGNtkKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":2,"flow_src_last_pkt_time":70110432,"flow_dst_last_pkt_time":67094863,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110432,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtFAAIAGDgYKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":2,"flow_src_last_pkt_time":70110576,"flow_dst_last_pkt_time":67093324,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110576,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faJAAIAGiKUKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":2,"flow_src_last_pkt_time":70110619,"flow_dst_last_pkt_time":67094277,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110619,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R01AAIAGN+QKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":2,"flow_src_last_pkt_time":70110654,"flow_dst_last_pkt_time":67095290,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110654,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+zdAAIAGNBgKAAIPbdJRk8QxYOCX52ZFAAAAAIAC+vCFbAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":70170653,"flow_dst_last_pkt_time":70170653,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70170653,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":1,"flow_src_last_pkt_time":70170653,"flow_dst_last_pkt_time":70170653,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70170653,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KcZAAIAGHhgKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":70171206,"flow_dst_last_pkt_time":70171206,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70171206,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":1,"flow_src_last_pkt_time":70171206,"flow_dst_last_pkt_time":70171206,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70171206,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kJAAIAGdAcKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":70171598,"flow_dst_last_pkt_time":70171598,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70171598,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":1,"flow_src_last_pkt_time":70171598,"flow_dst_last_pkt_time":70171598,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70171598,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rm9AAIAGeMEKAAIPJO0KmMRAUy2fhJtvAAAAAIAC+vDmKQAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":70171959,"flow_dst_last_pkt_time":70171959,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70171959,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":1,"flow_src_last_pkt_time":70171959,"flow_dst_last_pkt_time":70171959,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70171959,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0A95AAIAG2\/QKAAIPYhKs0MRB9sQLj4LfAAAAAIAC+vAPuQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":70172361,"flow_dst_last_pkt_time":70172361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70172361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":1,"flow_src_last_pkt_time":70172361,"flow_dst_last_pkt_time":70172361,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70172361,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LJpAAIAGiMUKAAIPbdLLg8RCGMrxPNpbAAAAAIAC+vCGFQAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":70172719,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70172719,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":1,"flow_src_last_pkt_time":70172719,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70172719,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UWtAAIAGasMKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230046,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":1,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230046,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0djYAAIARTnwKAAIPVYoUbnAJGMoAIKDVR05EED6PAQFUC1FLUlAGUk5BXS\/iNQlw"} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -369,10 +369,10 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_packet_id":1,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230689,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LQAAIARp30KAAIPXINV9XAJe\/8AIPUdR05EED6RAQFUC1FLUlAGUk5BXS\/iNQlw"} 00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230940,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_packet_id":1,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230940,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tBIAAIAREWQKAAIPUTIYAnAJRdIAIHSOR05EED6SAQFUC1FLUlAGUk5BXS\/iNQlw"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":2,"flow_src_last_pkt_time":71122761,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122761,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vG1AAIAGN8gKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":2,"flow_src_last_pkt_time":71122842,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122842,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4lAAIAGtdcKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":2,"flow_src_last_pkt_time":71122875,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122875,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZpAAIAGsgcKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":2,"flow_src_last_pkt_time":71122895,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKFAAIAGOewKAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":2,"flow_src_last_pkt_time":71122761,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122761,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vG1AAIAGN8gKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":2,"flow_src_last_pkt_time":71122842,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122842,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4lAAIAGtdcKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":2,"flow_src_last_pkt_time":71122875,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122875,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZpAAIAGsgcKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":2,"flow_src_last_pkt_time":71122895,"flow_dst_last_pkt_time":68110208,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKFAAIAGOewKAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} 00945{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00941{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00932{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -388,26 +388,26 @@ 00947{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":43490007,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":546,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00935{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00949{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":71203227,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71203227,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":1,"flow_src_last_pkt_time":71203227,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71203227,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0JAAIAGin4KAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204033,"flow_src_last_pkt_time":71204033,"flow_dst_last_pkt_time":71204033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204033,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":1,"flow_src_last_pkt_time":71204033,"flow_dst_last_pkt_time":71204033,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71204033,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3NAAIAGoE4KAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":71204511,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204511,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":1,"flow_src_last_pkt_time":71204511,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71204511,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IwtAAIAGfuIKAAIPUAf8wMRGsnV8RDFlAAAAAIAC+vD24gAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":71204889,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204889,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":1,"flow_src_last_pkt_time":71204889,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71204889,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Dd1AAIAGwQQKAAIPQh7dtcRHyWh8xjFMAAAAAIAC+vAMegAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71205274,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71205274,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71205274,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":1,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71205274,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71205274,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05AtAAIAGAfsKAAIPbdaa2MRIGMoc18X9AAAAAIAC+vCfegAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71205609,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71205609,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71205609,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":1,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71205609,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71205609,"pkt":"UlQAEjUCCAAn5uVZCABFAAA08yJAAIAG8AwKAAIPVtC0tcRJszsghBY3AAAAAIAC+vCuSgAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":71203227,"flow_dst_last_pkt_time":71203227,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71203227,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":1,"flow_src_last_pkt_time":71203227,"flow_dst_last_pkt_time":71203227,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71203227,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0JAAIAGin4KAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204033,"flow_src_last_pkt_time":71204033,"flow_dst_last_pkt_time":71204033,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204033,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":1,"flow_src_last_pkt_time":71204033,"flow_dst_last_pkt_time":71204033,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71204033,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3NAAIAGoE4KAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":71204511,"flow_dst_last_pkt_time":71204511,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204511,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":1,"flow_src_last_pkt_time":71204511,"flow_dst_last_pkt_time":71204511,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71204511,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IwtAAIAGfuIKAAIPUAf8wMRGsnV8RDFlAAAAAIAC+vD24gAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":71204889,"flow_dst_last_pkt_time":71204889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204889,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":1,"flow_src_last_pkt_time":71204889,"flow_dst_last_pkt_time":71204889,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71204889,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Dd1AAIAGwQQKAAIPQh7dtcRHyWh8xjFMAAAAAIAC+vAMegAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71205274,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71205274,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71205274,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":1,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71205274,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71205274,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05AtAAIAGAfsKAAIPbdaa2MRIGMoc18X9AAAAAIAC+vCfegAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71205609,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71205609,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71205609,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":1,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71205609,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71205609,"pkt":"UlQAEjUCCAAn5uVZCABFAAA08yJAAIAG8AwKAAIPVtC0tcRJszsghBY3AAAAAIAC+vCuSgAAAgQFtAEDAwgBAQQC"} 00708{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5} 00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":1,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":71216656,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4AsYAAP8BoC4KAAICCgACDwMBntkAAAAARQAANGWZQAB\/BrMICgACD0xEis\/EN7AX1ucS7g=="} 01001{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.521641}} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":2,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71312602,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAscAAEAGYHFW0LS1CgACD7M7xEkAehIBIIQWOGAS\/\/+\/xQAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":3,"flow_src_last_pkt_time":71312945,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71312945,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo8yNAAIAG8BcKAAIPVtC0tcRJszsghBY4AHoSAlAQ+vDckQAA"} -00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":4,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":357,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":357,"pkt_l4_len":323,"thread_ts_usec":71313221,"pkt":"UlQAEjUCCAAn5uVZCABFAAFX8yRAAIAG7ucKAAIPVtC0tcRJszsghBY4AHoSAlAY+vB1IQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDg2LjIwOC4xODAuMTgxDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KQnllLVBhY2tldDogMC4xDQpBY2NlcHQ6IGFwcGxpY2F0aW9uL3gtZ251dGVsbGEyDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1IdWI6IEZhbHNlDQpYLUh1Yi1OZWVkZWQ6IFRydWUNCg0K"} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205609,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":303,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71313221,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":5,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71313407,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71313407,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAsgAAEAGYHRW0LS1CgACD7M7xEkAehICIIQXZ1AQ\/\/\/WUwAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":2,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71312602,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAscAAEAGYHFW0LS1CgACD7M7xEkAehIBIIQWOGAS\/\/+\/xQAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":3,"flow_src_last_pkt_time":71312945,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71312945,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo8yNAAIAG8BcKAAIPVtC0tcRJszsghBY4AHoSAlAQ+vDckQAA"} +00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":4,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":357,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":357,"pkt_l4_len":323,"thread_ts_usec":71313221,"pkt":"UlQAEjUCCAAn5uVZCABFAAFX8yRAAIAG7ucKAAIPVtC0tcRJszsghBY4AHoSAlAY+vB1IQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDg2LjIwOC4xODAuMTgxDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KQnllLVBhY2tldDogMC4xDQpBY2NlcHQ6IGFwcGxpY2F0aW9uL3gtZ251dGVsbGEyDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1IdWI6IEZhbHNlDQpYLUh1Yi1OZWVkZWQ6IFRydWUNCg0K"} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205609,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":303,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71313221,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":5,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71313407,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71313407,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAsgAAEAGYHRW0LS1CgACD7M7xEkAehICIIQXZ1AQ\/\/\/WUwAA"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_packet_id":1,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71535614,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnYAAIARfQoKAAIPWKDWiXAJGMoAINufR05EED6TAQFUC1FLUlAGUk5BXS\/iNQlw"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -454,42 +454,42 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_packet_id":1,"flow_src_last_pkt_time":71540885,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540885,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0POoAAIARNbgKAAIPyHjzj3AJGMoAIE6sR05EED6oAQFUC1FLUlAGUk5BXS\/iNQlw"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71541038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":1,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71541038,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02U0AAIAREUUKAAIPBbQ+ZHAJtTEAICo0R05EED6pAQFUC1FLUlAGUk5BXS\/iNQlw"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":2,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71605139,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAswAAEAGY0Nt1prYCgACDxjKxEgAewwBHNfF\/mAS\/\/+29AAAAgQFtA=="} -00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":3,"flow_src_last_pkt_time":71605439,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71605439,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5AxAAIAGAgYKAAIPbdaa2MRIGMoc18X+AHsMAlAQ+vDTwAAA"} -00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":4,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":358,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":358,"pkt_l4_len":324,"thread_ts_usec":71608015,"pkt":"UlQAEjUCCAAn5uVZCABFAAFY5A1AAIAGANUKAAIPbdaa2MRIGMoc18X+AHsMAlAY+vDYuQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDEwOS4yMTQuMTU0LjIxNg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkJ5ZS1QYWNrZXQ6IDAuMQ0KQWNjZXB0OiBhcHBsaWNhdGlvbi94LWdudXRlbGxhMg0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtSHViOiBGYWxzZQ0KWC1IdWItTmVlZGVkOiBUcnVlDQoNCg=="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205274,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71608015,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":5,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71608204,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71608204,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAs0AAEAGY0Zt1prYCgACDxjKxEgAewwCHNfHLlAQ\/\/\/NgQAA"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":3,"flow_src_last_pkt_time":72031634,"flow_dst_last_pkt_time":63001498,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031634,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1xAAIAGzIMKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":3,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031726,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xtxAAIAGndcKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":3,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031755,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iq5AAIAGH9QKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":2,"flow_src_last_pkt_time":72156846,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72156846,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VP1AAIAGOuoKAAIPQr0cEcQ6P42S8gLxAAAAAIAC+vBvlwAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":2,"flow_src_last_pkt_time":72157001,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72157001,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LVAAIAGCWcKAAIPAaMO9sQ5MjZr2Fv\/AAAAAIAC+vCZMAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":2,"flow_src_last_pkt_time":72157046,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72157046,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lyhAAIAGNGIKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72264816,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72264816,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72264816,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":1,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72264816,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72264816,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0alNAAIAGzs4KAAIPG16aNcRKGMq+PzReAAAAAIAC+vDiygAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":72265587,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72265587,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":1,"flow_src_last_pkt_time":72265587,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72265587,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvdAAIAGYVQKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72266136,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72266136,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72266136,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":1,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72266136,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72266136,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VqVAAIAG\/NQKAAIPe8ofccRMTThVM2MAAAAAAIAC+vADHQAAAgQFtAEDAwgBAQQC"} -00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72266629,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72266629,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72266629,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":1,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72266629,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72266629,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00URAAIAGSiQKAAIPZ+hrZMRNqfSI7oMUAAAAAIAC+vAafwAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":72267129,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72267129,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":1,"flow_src_last_pkt_time":72267129,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72267129,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnJAAIAGzTgKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":2,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72462483,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAs8AAEAGtlsbXpo1CgACDxjKxEoAfQABvj80X2AS\/\/8GQwAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":3,"flow_src_last_pkt_time":72462904,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72462904,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoalRAAIAGztkKAAIPG16aNcRKGMq+PzRfAH0AAlAQ+vAjDwAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":4,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":72463250,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+alVAAIAGzIIKAAIPG16aNcRKGMq+PzRfAH0AAlAY+vCzJAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyNy45NC4xNTQuNTMNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72264816,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72463250,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":5,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72463429,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72463429,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtAAAEAGtl4bXpo1CgACDxjKxEoAfQACvj82tVAQ\/\/8bqgAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":2,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72471836,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAtEAAEAG0LF7yh9xCgACD004xEwAfvQBVTNjAWAS\/\/8ykwAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":3,"flow_src_last_pkt_time":72472109,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72472109,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoVqZAAIAG\/N8KAAIPe8ofccRMTThVM2MBAH70AlAQ+vBPXwAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":4,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":72472350,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAVqdAAIAG+oYKAAIPe8ofccRMTThVM2MBAH70AlAY+vDARgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMjMuMjAyLjMxLjExMw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266136,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72472350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":5,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72472489,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72472489,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtIAAEAG0LR7yh9xCgACD004xEwAfvQCVTNlWVAQ\/\/9H+AAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":2,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72595583,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAtUAAEAGmJxn6GtkCgACD6n0xE0Af+4BiO6DFWAS\/\/9P9AAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":3,"flow_src_last_pkt_time":72596109,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72596109,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo0UVAAIAGSi8KAAIPZ+hrZMRNqfSI7oMVAH\/uAlAQ+vBswAAA"} -01313{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":4,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":72596459,"pkt":"UlQAEjUCCAAn5uVZCABFAAKB0UZAAIAGR9UKAAIPZ+hrZMRNqfSI7oMVAH\/uAlAY+vC9lQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMDMuMjMyLjEwNy4xMDANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266629,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72596459,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":5,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72596635,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72596635,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtYAAEAGmJ9n6GtkCgACD6n0xE0Af+4CiO6FblAQ\/\/9lWAAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":2,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71605139,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAswAAEAGY0Nt1prYCgACDxjKxEgAewwBHNfF\/mAS\/\/+29AAAAgQFtA=="} +00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":3,"flow_src_last_pkt_time":71605439,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71605439,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5AxAAIAGAgYKAAIPbdaa2MRIGMoc18X+AHsMAlAQ+vDTwAAA"} +00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":4,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":358,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":358,"pkt_l4_len":324,"thread_ts_usec":71608015,"pkt":"UlQAEjUCCAAn5uVZCABFAAFY5A1AAIAGANUKAAIPbdaa2MRIGMoc18X+AHsMAlAY+vDYuQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDEwOS4yMTQuMTU0LjIxNg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkJ5ZS1QYWNrZXQ6IDAuMQ0KQWNjZXB0OiBhcHBsaWNhdGlvbi94LWdudXRlbGxhMg0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtSHViOiBGYWxzZQ0KWC1IdWItTmVlZGVkOiBUcnVlDQoNCg=="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205274,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71608015,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":5,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71608204,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71608204,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAs0AAEAGY0Zt1prYCgACDxjKxEgAewwCHNfHLlAQ\/\/\/NgQAA"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":3,"flow_src_last_pkt_time":72031634,"flow_dst_last_pkt_time":63001498,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031634,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1xAAIAGzIMKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":3,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031726,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xtxAAIAGndcKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":3,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031755,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iq5AAIAGH9QKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":2,"flow_src_last_pkt_time":72156846,"flow_dst_last_pkt_time":69142033,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72156846,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VP1AAIAGOuoKAAIPQr0cEcQ6P42S8gLxAAAAAIAC+vBvlwAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":2,"flow_src_last_pkt_time":72157001,"flow_dst_last_pkt_time":69141655,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72157001,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LVAAIAGCWcKAAIPAaMO9sQ5MjZr2Fv\/AAAAAIAC+vCZMAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":2,"flow_src_last_pkt_time":72157046,"flow_dst_last_pkt_time":69142856,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72157046,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lyhAAIAGNGIKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72264816,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72264816,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72264816,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":1,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72264816,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72264816,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0alNAAIAGzs4KAAIPG16aNcRKGMq+PzReAAAAAIAC+vDiygAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":72265587,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72265587,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":1,"flow_src_last_pkt_time":72265587,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72265587,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvdAAIAGYVQKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72266136,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72266136,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72266136,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":1,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72266136,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72266136,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VqVAAIAG\/NQKAAIPe8ofccRMTThVM2MAAAAAAIAC+vADHQAAAgQFtAEDAwgBAQQC"} +00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72266629,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72266629,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72266629,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":1,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72266629,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72266629,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00URAAIAGSiQKAAIPZ+hrZMRNqfSI7oMUAAAAAIAC+vAafwAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":72267129,"flow_dst_last_pkt_time":72267129,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72267129,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":1,"flow_src_last_pkt_time":72267129,"flow_dst_last_pkt_time":72267129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72267129,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnJAAIAGzTgKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":2,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72462483,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72462483,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAs8AAEAGtlsbXpo1CgACDxjKxEoAfQABvj80X2AS\/\/8GQwAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":3,"flow_src_last_pkt_time":72462904,"flow_dst_last_pkt_time":72462483,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72462904,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoalRAAIAGztkKAAIPG16aNcRKGMq+PzRfAH0AAlAQ+vAjDwAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":4,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72462483,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":72463250,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+alVAAIAGzIIKAAIPG16aNcRKGMq+PzRfAH0AAlAY+vCzJAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyNy45NC4xNTQuNTMNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72264816,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72462483,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72463250,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":5,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72463429,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72463429,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtAAAEAGtl4bXpo1CgACDxjKxEoAfQACvj82tVAQ\/\/8bqgAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":2,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72471836,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72471836,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAtEAAEAG0LF7yh9xCgACD004xEwAfvQBVTNjAWAS\/\/8ykwAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":3,"flow_src_last_pkt_time":72472109,"flow_dst_last_pkt_time":72471836,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72472109,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoVqZAAIAG\/N8KAAIPe8ofccRMTThVM2MBAH70AlAQ+vBPXwAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":4,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72471836,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":72472350,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAVqdAAIAG+oYKAAIPe8ofccRMTThVM2MBAH70AlAY+vDARgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMjMuMjAyLjMxLjExMw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266136,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72471836,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72472350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":5,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72472489,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72472489,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtIAAEAG0LR7yh9xCgACD004xEwAfvQCVTNlWVAQ\/\/9H+AAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":433,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":2,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72595583,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72595583,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAtUAAEAGmJxn6GtkCgACD6n0xE0Af+4BiO6DFWAS\/\/9P9AAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":3,"flow_src_last_pkt_time":72596109,"flow_dst_last_pkt_time":72595583,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72596109,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo0UVAAIAGSi8KAAIPZ+hrZMRNqfSI7oMVAH\/uAlAQ+vBswAAA"} +01313{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":4,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72595583,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":72596459,"pkt":"UlQAEjUCCAAn5uVZCABFAAKB0UZAAIAGR9UKAAIPZ+hrZMRNqfSI7oMVAH\/uAlAY+vC9lQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMDMuMjMyLjEwNy4xMDANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266629,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72595583,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72596459,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":5,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72596635,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72596635,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtYAAEAGmJ9n6GtkCgACD6n0xE0Af+4CiO6FblAQ\/\/9lWAAA"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72848739,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_packet_id":1,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72848739,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XAwAAIARFJoKAAIPqv4TBnAJXnQAIAcER05EED6qAQFUC1FLUlAGUk5BXS\/iNQlw"} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849111,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -526,118 +526,118 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_packet_id":1,"flow_src_last_pkt_time":72853538,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853538,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JXgAAIARS7MKAAIPTcVvunAJGMoAIE0jR05EED66AQFUC1FLUlAGUk5BXS\/iNQlw"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853723,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":1,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853723,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s0kAAIARB\/EKAAIPrGHHDnAJGMoAIJcxR05EED67AQFUC1FLUlAGUk5BXS\/iNQlw"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":3,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73064966,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpVAAIAGVgUKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":3,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73065072,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FYFAAIAGQkoKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":3,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73065113,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTJAAIAGk6kKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":2,"flow_src_last_pkt_time":73188062,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188062,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KcdAAIAGHhcKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":2,"flow_src_last_pkt_time":73188198,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188198,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UWxAAIAGasIKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":2,"flow_src_last_pkt_time":73188234,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188234,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kNAAIAGdAYKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":2,"flow_src_last_pkt_time":73188264,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188264,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LJtAAIAGiMQKAAIPbdLLg8RCGMrxPNpbAAAAAIAC+vCGFQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":2,"flow_src_last_pkt_time":73188288,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188288,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RnBAAIAGeMAKAAIPJO0KmMRAUy2fhJtvAAAAAIAC+vDmKQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":2,"flow_src_last_pkt_time":73188323,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188323,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0A99AAIAG2\/MKAAIPYhKs0MRB9sQLj4LfAAAAAIAC+vAPuQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":73299039,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73299039,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":1,"flow_src_last_pkt_time":73299039,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73299039,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00EFAAIAGLmIKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73299863,"flow_src_last_pkt_time":73299863,"flow_dst_last_pkt_time":73299863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73299863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":1,"flow_src_last_pkt_time":73299863,"flow_dst_last_pkt_time":73299863,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73299863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/FxAAIAGA84KAAIPJOnJocRQC0aEhFh7AAAAAIAC+vDM7wAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":73300612,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73300612,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":1,"flow_src_last_pkt_time":73300612,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73300612,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+GxAAIAG6uoKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":73301240,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73301240,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":1,"flow_src_last_pkt_time":73301240,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73301240,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYZAAIAGFfgKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":2,"flow_src_last_pkt_time":73299863,"flow_dst_last_pkt_time":73603093,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":73603093,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAuUAAP8GvlEk6cmhCgACDwtGxFAAAAAAhIRYfFAUAAAIoAAA"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":3,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73064966,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpVAAIAGVgUKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":3,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73065072,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FYFAAIAGQkoKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":3,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73065113,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTJAAIAGk6kKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":2,"flow_src_last_pkt_time":73188062,"flow_dst_last_pkt_time":70170653,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188062,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KcdAAIAGHhcKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":2,"flow_src_last_pkt_time":73188198,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188198,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UWxAAIAGasIKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":2,"flow_src_last_pkt_time":73188234,"flow_dst_last_pkt_time":70171206,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188234,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kNAAIAGdAYKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":2,"flow_src_last_pkt_time":73188264,"flow_dst_last_pkt_time":70172361,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188264,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LJtAAIAGiMQKAAIPbdLLg8RCGMrxPNpbAAAAAIAC+vCGFQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":2,"flow_src_last_pkt_time":73188288,"flow_dst_last_pkt_time":70171598,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188288,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RnBAAIAGeMAKAAIPJO0KmMRAUy2fhJtvAAAAAIAC+vDmKQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":2,"flow_src_last_pkt_time":73188323,"flow_dst_last_pkt_time":70171959,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73188323,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0A99AAIAG2\/MKAAIPYhKs0MRB9sQLj4LfAAAAAIAC+vAPuQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":73299039,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73299039,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":1,"flow_src_last_pkt_time":73299039,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73299039,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00EFAAIAGLmIKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73299863,"flow_src_last_pkt_time":73299863,"flow_dst_last_pkt_time":73299863,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73299863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":1,"flow_src_last_pkt_time":73299863,"flow_dst_last_pkt_time":73299863,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73299863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/FxAAIAGA84KAAIPJOnJocRQC0aEhFh7AAAAAIAC+vDM7wAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":73300612,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73300612,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":1,"flow_src_last_pkt_time":73300612,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73300612,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+GxAAIAG6uoKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":73301240,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":73301240,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":1,"flow_src_last_pkt_time":73301240,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73301240,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYZAAIAGFfgKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":2,"flow_src_last_pkt_time":73299863,"flow_dst_last_pkt_time":73603093,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":73603093,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAuUAAP8GvlEk6cmhCgACDwtGxFAAAAAAhIRYfFAUAAAIoAAA"} 00768{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":2,"flow_src_last_pkt_time":73950296,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":243,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":243,"pkt_l4_len":209,"thread_ts_usec":73950296,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAADlHPwAAIARA\/8KAAIPCgAC\/wCKAIoA0UBrEQKcLgoAAg8AigC7AAAgRU5GREVGRUVFSEVGRkhFSkVPREJEQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAOgDAAAAAAAAAAAhAFYAAwABAAAAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQDA1AEATVNFREdFV0lOMTAAAAAAAAoAAxAAAA8BVaoA"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":3,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74092777,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pXBAAIAGEbUKAAIPJOoSpsQi79zHbZnNAAAAAIAC+vAbRgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":3,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74092928,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q81AAIAGVuQKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":3,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74092991,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWxAAIAG8swKAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":3,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74093030,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NVxAAIAG3h8KAAIPXxF8KMQkGnhkTfi6AAAAAIAC+vBRMgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":3,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74093071,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02YJAAIAG1DcKAAIPcfzO\/sQhwbNg4z+5AAAAAIAC+vAApAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":3,"flow_src_last_pkt_time":74108184,"flow_dst_last_pkt_time":73603093,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74108184,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/F1AAIAGA80KAAIPJOnJocRQC0aEhFh7AAAAAIAC+vDM7wAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":2,"flow_src_last_pkt_time":74217715,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74217715,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Dd5AAIAGwQMKAAIPQh7dtcRHyWh8xjFMAAAAAIAC+vAMegAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":2,"flow_src_last_pkt_time":74218269,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74218269,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IwxAAIAGfuEKAAIPUAf8wMRGsnV8RDFlAAAAAIAC+vD24gAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":2,"flow_src_last_pkt_time":74218296,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74218296,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0NAAIAGin0KAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":2,"flow_src_last_pkt_time":74218313,"flow_dst_last_pkt_time":71204033,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74218313,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3RAAIAGoE0KAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74327445,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74327445,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74327445,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":1,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74327445,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74327445,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04otAAIAG+gUKAAIPt7NacMRTJnw0vRokAAAAAIAC+vAcPAAAAgQFtAEDAwgBAQQC"} -00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":74328113,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74328113,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":1,"flow_src_last_pkt_time":74328113,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74328113,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xdJAAIAG7kEKAAIPcf\/IocRUyMI6N6PeAAAAAIAC+vDCQgAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74328635,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":74328635,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74328635,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":1,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":74328635,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74328635,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZARAAIAGxHUKAAIPnDkqAsRVgsQy7nYLAAAAAIAC+vCxwQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74329162,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74329162,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74329162,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":1,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74329162,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74329162,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07XNAAIAG0w0KAAIPUD3d9sRWd3H5FzmMAAAAAIAC+vDLcAAAAgQFtAEDAwgBAQQC"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":2,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":74362174,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAuYAAEAGPaRQPd32CgACD3dxxFYAg9YB+Rc5jWAS\/\/8Y4gAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":3,"flow_src_last_pkt_time":74362581,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74362581,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo7XRAAIAG0xgKAAIPUD3d9sRWd3H5FzmNAIPWAlAQ+vA1rgAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":4,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":74362905,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/7XVAAIAG0MAKAAIPUD3d9sRWd3H5FzmNAIPWAlAY+vCrtAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4MC42MS4yMjEuMjQ2DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74329162,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74362905,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":5,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74363127,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74363127,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAucAAEAGPadQPd32CgACD3dxxFYAg9YC+Rc75FAQ\/\/8uSAAA"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":4,"flow_src_last_pkt_time":74108184,"flow_dst_last_pkt_time":74419340,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74419340,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAusAAP8Gvksk6cmhCgACDwtGxFAAAAAAhIRYfFAUAAAIoAAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":2,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":74510418,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAuwAAEAGWa63s1pwCgACDyZ8xFMAhNABNL0aJWAS\/\/9vrAAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":3,"flow_src_last_pkt_time":74510790,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74510790,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo4oxAAIAG+hAKAAIPt7NacMRTJnw0vRolAITQAlAQ+vCMeAAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":4,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":74511118,"pkt":"UlQAEjUCCAAn5uVZCABFAAKA4o1AAIAG97cKAAIPt7NacMRTJnw0vRolAITQAlAY+vDyUwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODMuMTc5LjkwLjExMg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74327445,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74511118,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":5,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74511281,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74511281,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAu0AAEAGWbG3s1pwCgACDyZ8xFMAhNACNL0cfVAQ\/\/+FEQAA"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":5,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":74419340,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74939021,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/F5AAIAGA8wKAAIPJOnJocRQC0aEhFh7AAAAAIAC+vDM7wAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":3,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077028,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdtAAIAGUVoKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":3,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077158,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FTlAAIAG3SgKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":3,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077234,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8RAAIAGrlIKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":3,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077268,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EVBAAIAGi58KAAIPWmf3XsQq5qXgntCpAAAAAIAC+vC6MQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":3,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077318,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Co5AAIAGJkYKAAIPfPRA7cQnEmB1c07JAAAAAIAC+vAPawAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":3,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75108166,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gZBAAIAGBp8KAAIPwXmlDMQr2FBBRhZnAAAAAIAC+vANYQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":2,"flow_src_last_pkt_time":75264091,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75264091,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnNAAIAGzTcKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":2,"flow_src_last_pkt_time":75280111,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75280111,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvhAAIAGYVMKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":75358059,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75358059,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":1,"flow_src_last_pkt_time":75358059,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75358059,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOZAAIAGV+4KAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":75358813,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75358813,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":1,"flow_src_last_pkt_time":75358813,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75358813,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYdAAIAGqOAKAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":75359352,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75359352,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":1,"flow_src_last_pkt_time":75359352,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75359352,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsVAAIAGE9AKAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75359834,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75359834,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75359834,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":1,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75359834,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75359834,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLlAAIAGV04KAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":2,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":75482520,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAvIAAEAGpZCcOSoCCgACD4LExFUAh74BMu52DGAS\/\/8XLwAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":3,"flow_src_last_pkt_time":75482943,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75482943,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoZAVAAIAGxIAKAAIPnDkqAsRVgsQy7nYMAIe+AlAQ+vAz+wAA"} -01304{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":4,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":651,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":651,"pkt_l4_len":617,"thread_ts_usec":75501507,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ9ZAZAAIAGwioKAAIPnDkqAsRVgsQy7nYMAIe+AlAY+vDWNwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNTYuNTcuNDIuMg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74328635,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75501507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":5,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75501726,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75501726,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvMAAEAGpZOcOSoCCgACD4LExFUAh74CMu54YVAQ\/\/8slwAA"} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":2,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75731769,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75731769,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvQAAP8GIh\/bRq9nCgACDxDbxFoAAAAAE+XzBlAUAAA88gAA"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":3,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122465,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtJAAIAGDgUKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":3,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122571,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R05AAIAGN+MKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":3,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122608,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faNAAIAGiKQKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":549,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":3,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122637,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+zhAAIAGNBcKAAIPbdJRk8QxYOCX52ZFAAAAAIAC+vCFbAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":3,"flow_src_last_pkt_time":76233008,"flow_dst_last_pkt_time":75731769,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76233008,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLpAAIAGV00KAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":2,"flow_src_last_pkt_time":76326094,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76326094,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+G1AAIAG6ukKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":2,"flow_src_last_pkt_time":76326208,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76326208,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00EJAAIAGLmEKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":2,"flow_src_last_pkt_time":76326232,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76326232,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYdAAIAGFfcKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":4,"flow_src_last_pkt_time":76233008,"flow_dst_last_pkt_time":76621827,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":76621827,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvUAAP8GIh7bRq9nCgACDxDbxFoAAAAAE+XzBlAUAAA88gAA"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":3,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77122396,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4pAAIAGtdYKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":3,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77122484,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vG5AAIAGN8cKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":3,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77122514,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKJAAIAGOesKAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":5,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":76621827,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77138763,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLtAAIAGV0wKAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":3,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77138828,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZtAAIAGsgYKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":2,"flow_src_last_pkt_time":77329804,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77329804,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xdNAAIAG7kAKAAIPcf\/IocRUyMI6N6PeAAAAAIAC+vDCQgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":3,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78169124,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VP5AAIAGOukKAAIPQr0cEcQ6P42S8gLxAAAAAIAC+vBvlwAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":3,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78169222,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LZAAIAGCWYKAAIPAaMO9sQ5MjZr2Fv\/AAAAAIAC+vCZMAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":3,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78169259,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lylAAIAGNGEKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":565,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":2,"flow_src_last_pkt_time":78374120,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374120,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYhAAIAGqN8KAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":2,"flow_src_last_pkt_time":78374257,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374257,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOdAAIAGV+0KAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":2,"flow_src_last_pkt_time":78374291,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374291,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsZAAIAGE88KAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":4,"flow_src_last_pkt_time":72031634,"flow_dst_last_pkt_time":78516421,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":78516421,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAvcAAEAGUPFWgcRUCgACDya7xBYAjZoBCA9PwGAS\/\/+UAgAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":5,"flow_src_last_pkt_time":78517379,"flow_dst_last_pkt_time":78516421,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":78517379,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoB11AAIAGzI4KAAIPVoHEVMQWJrsID0\/AAI2aAlAQ+vCwzgAA"} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":63001498,"flow_src_last_pkt_time":78517708,"flow_dst_last_pkt_time":78516421,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":78517708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":577,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":3,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79200890,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KchAAIAGHhYKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":3,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201010,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UW1AAIAGasEKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":3,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201060,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kRAAIAGdAUKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":3,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201091,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0A+BAAIAG2\/IKAAIPYhKs0MRB9sQLj4LfAAAAAIAC+vAPuQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":581,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":3,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201116,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LJxAAIAGiMMKAAIPbdLLg8RCGMrxPNpbAAAAAIAC+vCGFQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":3,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201158,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RnFAAIAGeL8KAAIPJO0KmMRAUy2fhJtvAAAAAIAC+vDmKQAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":3,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232033,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Dd9AAIAGwQIKAAIPQh7dtcRHyWh8xjFMAAAAAIAC+vAMegAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":3,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232141,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iw1AAIAGfuAKAAIPUAf8wMRGsnV8RDFlAAAAAIAC+vD24gAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":3,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232155,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0RAAIAGinwKAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":3,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":71204033,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232165,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3VAAIAGoEwKAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_packet_id":3,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74092777,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pXBAAIAGEbUKAAIPJOoSpsQi79zHbZnNAAAAAIAC+vAbRgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":3,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74092928,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q81AAIAGVuQKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":3,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74092991,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWxAAIAG8swKAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":496,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_packet_id":3,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74093030,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NVxAAIAG3h8KAAIPXxF8KMQkGnhkTfi6AAAAAIAC+vBRMgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_packet_id":3,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74093071,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02YJAAIAG1DcKAAIPcfzO\/sQhwbNg4z+5AAAAAIAC+vAApAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":3,"flow_src_last_pkt_time":74108184,"flow_dst_last_pkt_time":73603093,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74108184,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/F1AAIAGA80KAAIPJOnJocRQC0aEhFh7AAAAAIAC+vDM7wAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":2,"flow_src_last_pkt_time":74217715,"flow_dst_last_pkt_time":71204889,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74217715,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Dd5AAIAGwQMKAAIPQh7dtcRHyWh8xjFMAAAAAIAC+vAMegAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":2,"flow_src_last_pkt_time":74218269,"flow_dst_last_pkt_time":71204511,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74218269,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IwxAAIAGfuEKAAIPUAf8wMRGsnV8RDFlAAAAAIAC+vD24gAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":2,"flow_src_last_pkt_time":74218296,"flow_dst_last_pkt_time":71203227,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74218296,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0NAAIAGin0KAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":2,"flow_src_last_pkt_time":74218313,"flow_dst_last_pkt_time":71204033,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74218313,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3RAAIAGoE0KAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74327445,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74327445,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74327445,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":1,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74327445,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74327445,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04otAAIAG+gUKAAIPt7NacMRTJnw0vRokAAAAAIAC+vAcPAAAAgQFtAEDAwgBAQQC"} +00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":74328113,"flow_dst_last_pkt_time":74328113,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74328113,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":1,"flow_src_last_pkt_time":74328113,"flow_dst_last_pkt_time":74328113,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74328113,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xdJAAIAG7kEKAAIPcf\/IocRUyMI6N6PeAAAAAIAC+vDCQgAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74328635,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":74328635,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74328635,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":1,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":74328635,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74328635,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZARAAIAGxHUKAAIPnDkqAsRVgsQy7nYLAAAAAIAC+vCxwQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":74329162,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74329162,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74329162,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":1,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74329162,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74329162,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07XNAAIAG0w0KAAIPUD3d9sRWd3H5FzmMAAAAAIAC+vDLcAAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":2,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74362174,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":74362174,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAuYAAEAGPaRQPd32CgACD3dxxFYAg9YB+Rc5jWAS\/\/8Y4gAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":508,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":3,"flow_src_last_pkt_time":74362581,"flow_dst_last_pkt_time":74362174,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74362581,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo7XRAAIAG0xgKAAIPUD3d9sRWd3H5FzmNAIPWAlAQ+vA1rgAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":4,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74362174,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":74362905,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/7XVAAIAG0MAKAAIPUD3d9sRWd3H5FzmNAIPWAlAY+vCrtAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4MC42MS4yMjEuMjQ2DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74329162,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74362174,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74362905,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":510,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":5,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74363127,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74363127,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAucAAEAGPadQPd32CgACD3dxxFYAg9YC+Rc75FAQ\/\/8uSAAA"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":4,"flow_src_last_pkt_time":74108184,"flow_dst_last_pkt_time":74419340,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74419340,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAusAAP8Gvksk6cmhCgACDwtGxFAAAAAAhIRYfFAUAAAIoAAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":2,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74510418,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":74510418,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAuwAAEAGWa63s1pwCgACDyZ8xFMAhNABNL0aJWAS\/\/9vrAAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":3,"flow_src_last_pkt_time":74510790,"flow_dst_last_pkt_time":74510418,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74510790,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo4oxAAIAG+hAKAAIPt7NacMRTJnw0vRolAITQAlAQ+vCMeAAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":4,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74510418,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":74511118,"pkt":"UlQAEjUCCAAn5uVZCABFAAKA4o1AAIAG97cKAAIPt7NacMRTJnw0vRolAITQAlAY+vDyUwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODMuMTc5LjkwLjExMg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":519,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74327445,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74510418,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74511118,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":520,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":5,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74511281,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74511281,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAu0AAEAGWbG3s1pwCgACDyZ8xFMAhNACNL0cfVAQ\/\/+FEQAA"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":526,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_packet_id":5,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":74419340,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74939021,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/F5AAIAGA8wKAAIPJOnJocRQC0aEhFh7AAAAAIAC+vDM7wAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":527,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":3,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077028,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdtAAIAGUVoKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":3,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077158,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FTlAAIAG3SgKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":3,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077234,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8RAAIAGrlIKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_packet_id":3,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077268,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EVBAAIAGi58KAAIPWmf3XsQq5qXgntCpAAAAAIAC+vC6MQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_packet_id":3,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077318,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Co5AAIAGJkYKAAIPfPRA7cQnEmB1c07JAAAAAIAC+vAPawAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_packet_id":3,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75108166,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gZBAAIAGBp8KAAIPwXmlDMQr2FBBRhZnAAAAAIAC+vANYQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":534,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":2,"flow_src_last_pkt_time":75264091,"flow_dst_last_pkt_time":72267129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75264091,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnNAAIAGzTcKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":535,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":2,"flow_src_last_pkt_time":75280111,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75280111,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvhAAIAGYVMKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":75358059,"flow_dst_last_pkt_time":75358059,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75358059,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":536,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":1,"flow_src_last_pkt_time":75358059,"flow_dst_last_pkt_time":75358059,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75358059,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOZAAIAGV+4KAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":75358813,"flow_dst_last_pkt_time":75358813,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75358813,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":537,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":1,"flow_src_last_pkt_time":75358813,"flow_dst_last_pkt_time":75358813,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75358813,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYdAAIAGqOAKAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":75359352,"flow_dst_last_pkt_time":75359352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75359352,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":538,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":1,"flow_src_last_pkt_time":75359352,"flow_dst_last_pkt_time":75359352,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75359352,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsVAAIAGE9AKAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":75359834,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75359834,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75359834,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":539,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":1,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75359834,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75359834,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLlAAIAGV04KAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":540,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":2,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":75482520,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":75482520,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAvIAAEAGpZCcOSoCCgACD4LExFUAh74BMu52DGAS\/\/8XLwAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":541,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":3,"flow_src_last_pkt_time":75482943,"flow_dst_last_pkt_time":75482520,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75482943,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoZAVAAIAGxIAKAAIPnDkqAsRVgsQy7nYMAIe+AlAQ+vAz+wAA"} +01304{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":4,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75482520,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":651,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":651,"pkt_l4_len":617,"thread_ts_usec":75501507,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ9ZAZAAIAGwioKAAIPnDkqAsRVgsQy7nYMAIe+AlAY+vDWNwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNTYuNTcuNDIuMg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":542,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74328635,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75482520,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75501507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":544,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":5,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75501726,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75501726,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvMAAEAGpZOcOSoCCgACD4LExFUAh74CMu54YVAQ\/\/8slwAA"} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":545,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":2,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75731769,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75731769,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvQAAP8GIh\/bRq9nCgACDxDbxFoAAAAAE+XzBlAUAAA88gAA"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":546,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":3,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122465,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtJAAIAGDgUKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":547,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":3,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122571,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R05AAIAGN+MKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":548,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":3,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122608,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faNAAIAGiKQKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":549,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_packet_id":3,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122637,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+zhAAIAGNBcKAAIPbdJRk8QxYOCX52ZFAAAAAIAC+vCFbAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":550,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":3,"flow_src_last_pkt_time":76233008,"flow_dst_last_pkt_time":75731769,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76233008,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLpAAIAGV00KAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":2,"flow_src_last_pkt_time":76326094,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76326094,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+G1AAIAG6ukKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":2,"flow_src_last_pkt_time":76326208,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76326208,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00EJAAIAGLmEKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":2,"flow_src_last_pkt_time":76326232,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76326232,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYdAAIAGFfcKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":4,"flow_src_last_pkt_time":76233008,"flow_dst_last_pkt_time":76621827,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":76621827,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvUAAP8GIh7bRq9nCgACDxDbxFoAAAAAE+XzBlAUAAA88gAA"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":3,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77122396,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4pAAIAGtdYKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":3,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77122484,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vG5AAIAGN8cKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":557,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":3,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77122514,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKJAAIAGOesKAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":558,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":5,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":76621827,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77138763,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLtAAIAGV0wKAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":559,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":3,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77138828,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZtAAIAGsgYKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":560,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":2,"flow_src_last_pkt_time":77329804,"flow_dst_last_pkt_time":74328113,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":77329804,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xdNAAIAG7kAKAAIPcf\/IocRUyMI6N6PeAAAAAIAC+vDCQgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":562,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_packet_id":3,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78169124,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VP5AAIAGOukKAAIPQr0cEcQ6P42S8gLxAAAAAIAC+vBvlwAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_packet_id":3,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78169222,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LZAAIAGCWYKAAIPAaMO9sQ5MjZr2Fv\/AAAAAIAC+vCZMAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":3,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78169259,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lylAAIAGNGEKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":565,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":2,"flow_src_last_pkt_time":78374120,"flow_dst_last_pkt_time":75358813,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374120,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYhAAIAGqN8KAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":2,"flow_src_last_pkt_time":78374257,"flow_dst_last_pkt_time":75358059,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374257,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOdAAIAGV+0KAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":2,"flow_src_last_pkt_time":78374291,"flow_dst_last_pkt_time":75359352,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374291,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsZAAIAGE88KAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":4,"flow_src_last_pkt_time":72031634,"flow_dst_last_pkt_time":78516421,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":78516421,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAvcAAEAGUPFWgcRUCgACDya7xBYAjZoBCA9PwGAS\/\/+UAgAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":5,"flow_src_last_pkt_time":78517379,"flow_dst_last_pkt_time":78516421,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":78517379,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoB11AAIAGzI4KAAIPVoHEVMQWJrsID0\/AAI2aAlAQ+vCwzgAA"} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":63001498,"flow_src_last_pkt_time":78517708,"flow_dst_last_pkt_time":78516421,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":78517708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":577,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":3,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79200890,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KchAAIAGHhYKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":3,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201010,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UW1AAIAGasEKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":579,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":3,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201060,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kRAAIAGdAUKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":580,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_packet_id":3,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201091,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0A+BAAIAG2\/IKAAIPYhKs0MRB9sQLj4LfAAAAAIAC+vAPuQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":581,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_packet_id":3,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201116,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0LJxAAIAGiMMKAAIPbdLLg8RCGMrxPNpbAAAAAIAC+vCGFQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_packet_id":3,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201158,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RnFAAIAGeL8KAAIPJO0KmMRAUy2fhJtvAAAAAIAC+vDmKQAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_packet_id":3,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232033,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Dd9AAIAGwQIKAAIPQh7dtcRHyWh8xjFMAAAAAIAC+vAMegAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":584,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_packet_id":3,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232141,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iw1AAIAGfuAKAAIPUAf8wMRGsnV8RDFlAAAAAIAC+vD24gAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":3,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232155,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0RAAIAGinwKAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":3,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":71204033,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232165,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3VAAIAGoEwKAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} 00530{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":2,"flow_src_last_pkt_time":80247614,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":80247614,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4AvwAAP8Bn\/gKAAICCgACDwMBntkAAAAARQAANGWbQAB\/BrMGCgACD0xEis\/EN7AX1ucS7g=="} 00913{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00917{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00900{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":3,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81278710,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnRAAIAGzTYKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":3,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81294293,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvlAAIAGYVIKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":3,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81278710,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnRAAIAGzTYKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":3,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81294293,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvlAAIAGYVIKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057279,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_packet_id":1,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82057279,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vx8AAIARUTcKAAIPrnNv4HAJyxAAIDoGR05EED68AQFUC1FLUlAGUk5BXS\/iNQlw"} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057536,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -750,14 +750,14 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_packet_id":1,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82066316,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0e5YAAIARIEQKAAIPUflA13AJYeIAIC6CR05EED7yAQFUC1FLUlAGUk5BXS\/iNQlw"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":82066425,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":1,"flow_src_last_pkt_time":82066425,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82066425,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06UQAAIARhsgKAAIPW7Ni6nAJGMoAIEvMR05EED7zAQFUC1FLUlAGUk5BXS\/iNQlw"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":650,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":3,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326516,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+G5AAIAG6ugKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":651,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":3,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326618,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00ENAAIAGLmAKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":652,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":3,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326660,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYhAAIAGFfYKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":655,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":3,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83345150,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xdRAAIAG7j8KAAIPcf\/IocRUyMI6N6PeAAAAAIAC+vDCQgAAAgQFtAEDAwgBAQQC"} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":4,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":83345412,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345412,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwAAAEAG3l9ZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":4,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":83345497,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345497,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwEAAEAG52MtQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":658,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":4,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":83345521,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345521,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwIAAEAG+LDPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} -00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":659,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":4,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":83345541,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345541,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwMAAEAG25tQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":650,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":3,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326516,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+G5AAIAG6ugKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":651,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":3,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326618,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00ENAAIAGLmAKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":652,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":3,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326660,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYhAAIAGFfYKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":655,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_packet_id":3,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83345150,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xdRAAIAG7j8KAAIPcf\/IocRUyMI6N6PeAAAAAIAC+vDCQgAAAgQFtAEDAwgBAQQC"} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":4,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":83345412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345412,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwAAAEAG3l9ZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":4,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":83345497,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345497,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwEAAEAG52MtQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":658,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":4,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":83345521,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345521,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwIAAEAG+LDPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} +00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":659,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":4,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":83345541,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345541,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwMAAEAG25tQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517645,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_packet_id":1,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83517645,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bTAAAIARH4QKAAIPKWR4knAJMiYAIE8WR05EED70AQFUC1FLUlAGUk5BXS\/iNQlw"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517985,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -781,86 +781,86 @@ 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":673,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83564038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83564038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":673,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":1,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83564038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":83564038,"pkt":"UlQAEjUCCAAn5uVZCABFAABLd8UAAIAR7i8KAAIPcfxWonAJJBcANy3AJNUxAmj8GYH\/vMbgH9u+AwABABgAAADDA1NDUEECAlZDRUdUS0dihkRIVElQUEA="} 00618{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":674,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":2,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":133,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":133,"pkt_l4_len":99,"thread_ts_usec":83804788,"pkt":"CAAn5uVZUlQAEjUCCABFAAB3AwYAAEARosNx\/FaiCgACDyQXcAkAY+agJNUxAmj8GYH\/vMbgH9u+AwEBAEQAAAAXJHH8VqIWAAAAAAAABMMCVVBDAQsGo0lQUGl4nAEeAOH\/2qTGGyrrJOoSptzxtNqH3sQRchsYX6MsAay4MHcT\/6kOwg=="} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83805549,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":83805549,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83805549,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":1,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":83805549,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83805549,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8ZAAIAGrlAKAAIPcfxWosRbJBfMcOElAAAAAIAC+vAJaQAAAgQFtAEDAwgBAQQC"} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":676,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":2,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84026178,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwcAAEAGoxhx\/FaiCgACDyQXxFsAmFgBzHDhJmAS\/\/\/UxQAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":677,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":3,"flow_src_last_pkt_time":84026741,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84026741,"pkt":"UlQAEjUCCAAn5uVZCABFAAAod8dAAIAGrlsKAAIPcfxWosRbJBfMcOEmAJhYAlAQ+vDxkQAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":678,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":4,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":84027383,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAd8hAAIAGrAIKAAIPcfxWosRbJBfMcOEmAJhYAlAY+vBabwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMTMuMjUyLjg2LjE2Mg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":678,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":83805549,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84027383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":5,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84027720,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84027720,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAwgAAEAGoxtx\/FaiCgACDyQXxFsAmFgCzHDjflAQ\/\/\/qKgAA"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":685,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":3,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388160,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYlAAIAGqN4KAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":686,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":3,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388275,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOhAAIAGV+wKAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":687,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":3,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388302,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsdAAIAGE84KAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":688,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84592023,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84592023,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84592023,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":688,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":1,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84592023,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84592023,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0v8BAAIAGYs4KAAIP0tH5VMRcYK9pfUzQAAAAAIAC+vDAkAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":689,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84592660,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84592660,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84592660,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":689,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":1,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84592660,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84592660,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sD9AAIAG2QsKAAIP2meLAsRdDHIwnISEAAAAAIAC+vB8tgAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":690,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":84593194,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84593194,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":690,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":1,"flow_src_last_pkt_time":84593194,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84593194,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5JAAIAGmKgKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":691,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":84593690,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84593690,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":691,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":1,"flow_src_last_pkt_time":84593690,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84593690,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KpdAAIAGI14KAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":692,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":2,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84824113,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwwAAEAGn4vS0flUCgACD2CvxFwAmkwBaX1M0WAS\/\/+X6wAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":693,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":3,"flow_src_last_pkt_time":84824601,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84824601,"pkt":"UlQAEjUCCAAn5uVZCABFAAAov8FAAIAGYtkKAAIP0tH5VMRcYK9pfUzRAJpMAlAQ+vC0twAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":694,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":4,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":84825826,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAv8JAAIAGYIAKAAIP0tH5VMRcYK9pfUzRAJpMAlAY+vAliQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMTAuMjA5LjI0OS44NA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":694,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592023,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84825826,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":695,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":5,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84826029,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84826029,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAw0AAEAGn47S0flUCgACD2CvxFwAmkwCaX1PKVAQ\/\/+tUAAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":696,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":2,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84862906,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAw4AAEAGBkbaZ4sCCgACDwxyxF0Am0YBMJyEhWAS\/\/9aEAAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":697,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":3,"flow_src_last_pkt_time":84863146,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84863146,"pkt":"UlQAEjUCCAAn5uVZCABFAAAosEBAAIAG2RYKAAIP2meLAsRdDHIwnISFAJtGAlAQ+vB23AAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":698,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":4,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":84863568,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/sEFAAIAG1r4KAAIP2meLAsRdDHIwnISFAJtGAlAY+vD22gAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMTguMTAzLjEzOS4yDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":698,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592660,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84863568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":699,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":5,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84863777,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84863777,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAw8AAEAGBknaZ4sCCgACDwxyxF0Am0YCMJyG3FAQ\/\/9vdgAA"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":710,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":85607249,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607249,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":710,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":1,"flow_src_last_pkt_time":85607249,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607249,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07jxAAIAGRpwKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":711,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":85607568,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":711,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":1,"flow_src_last_pkt_time":85607568,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607568,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AtdAAIAGwDkKAAIPGLMS8sRhuOFovA6\/AAAAAIAC+vBHrQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":712,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":85607814,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607814,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":712,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":1,"flow_src_last_pkt_time":85607814,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607814,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03ztAAIAGuFgKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":85608077,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85608077,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":1,"flow_src_last_pkt_time":85608077,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85608077,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UCdAAIAGv8oKAAIPenVkTsRjIzKhF7fWAAAAAIAC+vBIyQAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":714,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":86639056,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86639056,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":714,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":1,"flow_src_last_pkt_time":86639056,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86639056,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EcBAAIAG34AKAAIPYPacfsRk2wZPr5++AAAAAIAC+vDbwgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":715,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":86639757,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86639757,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":715,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":1,"flow_src_last_pkt_time":86639757,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86639757,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sxxAAIAG7QgKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":716,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":86640432,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86640432,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":716,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":1,"flow_src_last_pkt_time":86640432,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86640432,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CNAAIAGre8KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":86641393,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86641393,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":1,"flow_src_last_pkt_time":86641393,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86641393,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vEFAAIAGZK4KAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":720,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":2,"flow_src_last_pkt_time":87610924,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87610924,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5NAAIAGmKcKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":721,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":2,"flow_src_last_pkt_time":87611060,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87611060,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KphAAIAGI10KAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":87670084,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87670084,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":1,"flow_src_last_pkt_time":87670084,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87670084,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMpAAIAG1h0KAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":87670730,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87670730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":1,"flow_src_last_pkt_time":87670730,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87670730,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068NAAIAGCc0KAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":87671361,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87671361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":1,"flow_src_last_pkt_time":87671361,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87671361,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aolAAIAGZI4KAAIP3XxCIcRqMwT80GtdAAAAAIAC+vDo1QAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":725,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87671915,"flow_src_last_pkt_time":87671915,"flow_dst_last_pkt_time":87671915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87671915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":725,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":1,"flow_src_last_pkt_time":87671915,"flow_dst_last_pkt_time":87671915,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87671915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eNtAAIAGqL8KAAIPM0SZ1sRriLxORLlDAAAAAIAC+vBGRgAAAgQFtAEDAwgBAQQC"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":726,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":2,"flow_src_last_pkt_time":87671915,"flow_dst_last_pkt_time":87706587,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":87706587,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAyIAAP8G34QzRJnWCgACD4i8xGsAAAAATkS5RFAUAACB9gAA"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":3,"flow_src_last_pkt_time":88219224,"flow_dst_last_pkt_time":87706587,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88219224,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eNxAAIAGqL4KAAIPM0SZ1sRriLxORLlDAAAAAIAC+vBGRgAAAgQFtAEDAwgBAQQC"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":733,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":4,"flow_src_last_pkt_time":88219224,"flow_dst_last_pkt_time":88257628,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88257628,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAycAAP8G338zRJnWCgACD4i8xGsAAAAATkS5RFAUAACB9gAA"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":734,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":2,"flow_src_last_pkt_time":88622095,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622095,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AthAAIAGwDgKAAIPGLMS8sRhuOFovA6\/AAAAAIAC+vBHrQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":735,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":2,"flow_src_last_pkt_time":88622241,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622241,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UChAAIAGv8kKAAIPenVkTsRjIzKhF7fWAAAAAIAC+vBIyQAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":736,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":2,"flow_src_last_pkt_time":88622298,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622298,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07j1AAIAGRpsKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":737,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":2,"flow_src_last_pkt_time":88622328,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622328,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03zxAAIAGuFcKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":740,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88704150,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88704150,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88704150,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":740,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":1,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88704150,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88704150,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05t5AAIAGvPEKAAIPaJziSMRs0ArGWKhyAAAAAIAC+vAZ6QAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":741,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88704875,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88704875,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88704875,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":741,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":1,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88704875,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88704875,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cchAAIAGzAoKAAIPS4VlXcRtzI\/Cd\/CCAAAAAIAC+vBzNgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":742,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":88705517,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88705517,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":742,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":1,"flow_src_last_pkt_time":88705517,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88705517,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNJAAIAG5KYKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":743,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":88706114,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88706114,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":743,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":1,"flow_src_last_pkt_time":88706114,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88706114,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYJAAIAGx78KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":744,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":5,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88257628,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88763863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eN1AAIAGqL0KAAIPM0SZ1sRriLxORLlDAAAAAIAC+vBGRgAAAgQFtAEDAwgBAQQC"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":746,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":2,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":88816649,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAyoAAEAGurFLhWVdCgACD8yPxG0AoxYBwnfwg2AS\/\/+AiAAAAgQFtA=="} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":747,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":3,"flow_src_last_pkt_time":88816906,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88816906,"pkt":"UlQAEjUCCAAn5uVZCABFAAAocclAAIAGzBUKAAIPS4VlXcRtzI\/Cd\/CDAKMWAlAQ+vCdVAAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":4,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":88817129,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/ccpAAIAGyb0KAAIPS4VlXcRtzI\/Cd\/CDAKMWAlAY+vAHZgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA3NS4xMzMuMTAxLjkzDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704875,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88817129,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":749,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":5,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88817229,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88817229,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAysAAEAGurRLhWVdCgACD8yPxG0AoxYCwnfy2lAQ\/\/+V7gAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":750,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":2,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":88832463,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAywAAEAGIK1onOJICgACD9AKxGwApBABxlioc2AS\/\/8tOgAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":751,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":3,"flow_src_last_pkt_time":88832860,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88832860,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5t9AAIAGvPwKAAIPaJziSMRs0ArGWKhzAKQQAlAQ+vBKBgAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":4,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":88833232,"pkt":"UlQAEjUCCAAn5uVZCABFAAKA5uBAAIAGuqMKAAIPaJziSMRs0ArGWKhzAKQQAlAY+vC63AAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMDQuMTU2LjIyNi43Mg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704150,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88833232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":753,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":5,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88833401,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88833401,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAy0AAEAGILBonOJICgACD9AKxGwApBACxliqy1AQ\/\/9CnwAA"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83805549,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":83805549,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83805549,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":1,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":83805549,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83805549,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8ZAAIAGrlAKAAIPcfxWosRbJBfMcOElAAAAAIAC+vAJaQAAAgQFtAEDAwgBAQQC"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":676,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":2,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":84026178,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84026178,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwcAAEAGoxhx\/FaiCgACDyQXxFsAmFgBzHDhJmAS\/\/\/UxQAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":677,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":3,"flow_src_last_pkt_time":84026741,"flow_dst_last_pkt_time":84026178,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84026741,"pkt":"UlQAEjUCCAAn5uVZCABFAAAod8dAAIAGrlsKAAIPcfxWosRbJBfMcOEmAJhYAlAQ+vDxkQAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":678,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":4,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84026178,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":84027383,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAd8hAAIAGrAIKAAIPcfxWosRbJBfMcOEmAJhYAlAY+vBabwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMTMuMjUyLjg2LjE2Mg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":678,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":83805549,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84026178,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84027383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":5,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84027720,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84027720,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAwgAAEAGoxtx\/FaiCgACDyQXxFsAmFgCzHDjflAQ\/\/\/qKgAA"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":685,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":3,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388160,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYlAAIAGqN4KAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":686,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":3,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388275,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOhAAIAGV+wKAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":687,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":3,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388302,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsdAAIAGE84KAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":688,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84592023,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84592023,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84592023,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":688,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":1,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84592023,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84592023,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0v8BAAIAGYs4KAAIP0tH5VMRcYK9pfUzQAAAAAIAC+vDAkAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":689,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84592660,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84592660,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84592660,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":689,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":1,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84592660,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84592660,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sD9AAIAG2QsKAAIP2meLAsRdDHIwnISEAAAAAIAC+vB8tgAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":690,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":84593194,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84593194,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":690,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":1,"flow_src_last_pkt_time":84593194,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84593194,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5JAAIAGmKgKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":691,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":84593690,"flow_dst_last_pkt_time":84593690,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84593690,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":691,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":1,"flow_src_last_pkt_time":84593690,"flow_dst_last_pkt_time":84593690,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84593690,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KpdAAIAGI14KAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":692,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":2,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84824113,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84824113,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwwAAEAGn4vS0flUCgACD2CvxFwAmkwBaX1M0WAS\/\/+X6wAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":693,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":3,"flow_src_last_pkt_time":84824601,"flow_dst_last_pkt_time":84824113,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84824601,"pkt":"UlQAEjUCCAAn5uVZCABFAAAov8FAAIAGYtkKAAIP0tH5VMRcYK9pfUzRAJpMAlAQ+vC0twAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":694,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":4,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84824113,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":84825826,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAv8JAAIAGYIAKAAIP0tH5VMRcYK9pfUzRAJpMAlAY+vAliQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMTAuMjA5LjI0OS44NA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":694,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592023,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84824113,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84825826,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":695,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":5,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84826029,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84826029,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAw0AAEAGn47S0flUCgACD2CvxFwAmkwCaX1PKVAQ\/\/+tUAAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":696,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":2,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84862906,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84862906,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAw4AAEAGBkbaZ4sCCgACDwxyxF0Am0YBMJyEhWAS\/\/9aEAAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":697,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":3,"flow_src_last_pkt_time":84863146,"flow_dst_last_pkt_time":84862906,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84863146,"pkt":"UlQAEjUCCAAn5uVZCABFAAAosEBAAIAG2RYKAAIP2meLAsRdDHIwnISFAJtGAlAQ+vB23AAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":698,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":4,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84862906,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":84863568,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/sEFAAIAG1r4KAAIP2meLAsRdDHIwnISFAJtGAlAY+vD22gAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMTguMTAzLjEzOS4yDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":698,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592660,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84862906,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84863568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":699,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":5,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84863777,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84863777,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAw8AAEAGBknaZ4sCCgACDwxyxF0Am0YCMJyG3FAQ\/\/9vdgAA"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":710,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":85607249,"flow_dst_last_pkt_time":85607249,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607249,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":710,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":1,"flow_src_last_pkt_time":85607249,"flow_dst_last_pkt_time":85607249,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607249,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07jxAAIAGRpwKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":711,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":85607568,"flow_dst_last_pkt_time":85607568,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":711,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":1,"flow_src_last_pkt_time":85607568,"flow_dst_last_pkt_time":85607568,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607568,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AtdAAIAGwDkKAAIPGLMS8sRhuOFovA6\/AAAAAIAC+vBHrQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":712,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":85607814,"flow_dst_last_pkt_time":85607814,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607814,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":712,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":1,"flow_src_last_pkt_time":85607814,"flow_dst_last_pkt_time":85607814,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607814,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03ztAAIAGuFgKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":85608077,"flow_dst_last_pkt_time":85608077,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85608077,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":1,"flow_src_last_pkt_time":85608077,"flow_dst_last_pkt_time":85608077,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85608077,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UCdAAIAGv8oKAAIPenVkTsRjIzKhF7fWAAAAAIAC+vBIyQAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":714,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":86639056,"flow_dst_last_pkt_time":86639056,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86639056,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":714,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":1,"flow_src_last_pkt_time":86639056,"flow_dst_last_pkt_time":86639056,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86639056,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EcBAAIAG34AKAAIPYPacfsRk2wZPr5++AAAAAIAC+vDbwgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":715,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":86639757,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86639757,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":715,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":1,"flow_src_last_pkt_time":86639757,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86639757,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sxxAAIAG7QgKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":716,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":86640432,"flow_dst_last_pkt_time":86640432,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86640432,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":716,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":1,"flow_src_last_pkt_time":86640432,"flow_dst_last_pkt_time":86640432,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86640432,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CNAAIAGre8KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":86641393,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":86641393,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":1,"flow_src_last_pkt_time":86641393,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":86641393,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vEFAAIAGZK4KAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":720,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":2,"flow_src_last_pkt_time":87610924,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87610924,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5NAAIAGmKcKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":721,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":2,"flow_src_last_pkt_time":87611060,"flow_dst_last_pkt_time":84593690,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87611060,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KphAAIAGI10KAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":87670084,"flow_dst_last_pkt_time":87670084,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87670084,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":1,"flow_src_last_pkt_time":87670084,"flow_dst_last_pkt_time":87670084,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87670084,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMpAAIAG1h0KAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":87670730,"flow_dst_last_pkt_time":87670730,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87670730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":1,"flow_src_last_pkt_time":87670730,"flow_dst_last_pkt_time":87670730,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87670730,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068NAAIAGCc0KAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":87671361,"flow_dst_last_pkt_time":87671361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87671361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":1,"flow_src_last_pkt_time":87671361,"flow_dst_last_pkt_time":87671361,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87671361,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aolAAIAGZI4KAAIP3XxCIcRqMwT80GtdAAAAAIAC+vDo1QAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":725,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":87671915,"flow_src_last_pkt_time":87671915,"flow_dst_last_pkt_time":87671915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":87671915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":725,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":1,"flow_src_last_pkt_time":87671915,"flow_dst_last_pkt_time":87671915,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":87671915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eNtAAIAGqL8KAAIPM0SZ1sRriLxORLlDAAAAAIAC+vBGRgAAAgQFtAEDAwgBAQQC"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":726,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":2,"flow_src_last_pkt_time":87671915,"flow_dst_last_pkt_time":87706587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":87706587,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAyIAAP8G34QzRJnWCgACD4i8xGsAAAAATkS5RFAUAACB9gAA"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":3,"flow_src_last_pkt_time":88219224,"flow_dst_last_pkt_time":87706587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88219224,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eNxAAIAGqL4KAAIPM0SZ1sRriLxORLlDAAAAAIAC+vBGRgAAAgQFtAEDAwgBAQQC"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":733,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":4,"flow_src_last_pkt_time":88219224,"flow_dst_last_pkt_time":88257628,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88257628,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAycAAP8G338zRJnWCgACD4i8xGsAAAAATkS5RFAUAACB9gAA"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":734,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":2,"flow_src_last_pkt_time":88622095,"flow_dst_last_pkt_time":85607568,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622095,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AthAAIAGwDgKAAIPGLMS8sRhuOFovA6\/AAAAAIAC+vBHrQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":735,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":2,"flow_src_last_pkt_time":88622241,"flow_dst_last_pkt_time":85608077,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622241,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UChAAIAGv8kKAAIPenVkTsRjIzKhF7fWAAAAAIAC+vBIyQAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":736,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":2,"flow_src_last_pkt_time":88622298,"flow_dst_last_pkt_time":85607249,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622298,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07j1AAIAGRpsKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":737,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":2,"flow_src_last_pkt_time":88622328,"flow_dst_last_pkt_time":85607814,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88622328,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03zxAAIAGuFcKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":740,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88704150,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88704150,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88704150,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":740,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":1,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88704150,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88704150,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05t5AAIAGvPEKAAIPaJziSMRs0ArGWKhyAAAAAIAC+vAZ6QAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":741,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88704875,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88704875,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88704875,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":741,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":1,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88704875,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88704875,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cchAAIAGzAoKAAIPS4VlXcRtzI\/Cd\/CCAAAAAIAC+vBzNgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":742,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":88705517,"flow_dst_last_pkt_time":88705517,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88705517,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":742,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":1,"flow_src_last_pkt_time":88705517,"flow_dst_last_pkt_time":88705517,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88705517,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNJAAIAG5KYKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":743,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":88706114,"flow_dst_last_pkt_time":88706114,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88706114,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":743,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":1,"flow_src_last_pkt_time":88706114,"flow_dst_last_pkt_time":88706114,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88706114,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYJAAIAGx78KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":744,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_packet_id":5,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88257628,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88763863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eN1AAIAGqL0KAAIPM0SZ1sRriLxORLlDAAAAAIAC+vBGRgAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":746,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":2,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88816649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":88816649,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAyoAAEAGurFLhWVdCgACD8yPxG0AoxYBwnfwg2AS\/\/+AiAAAAgQFtA=="} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":747,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":3,"flow_src_last_pkt_time":88816906,"flow_dst_last_pkt_time":88816649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88816906,"pkt":"UlQAEjUCCAAn5uVZCABFAAAocclAAIAGzBUKAAIPS4VlXcRtzI\/Cd\/CDAKMWAlAQ+vCdVAAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":4,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88816649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":88817129,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/ccpAAIAGyb0KAAIPS4VlXcRtzI\/Cd\/CDAKMWAlAY+vAHZgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA3NS4xMzMuMTAxLjkzDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704875,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88816649,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88817129,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":749,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":5,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88817229,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88817229,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAysAAEAGurRLhWVdCgACD8yPxG0AoxYCwnfy2lAQ\/\/+V7gAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":750,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":2,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88832463,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":88832463,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAywAAEAGIK1onOJICgACD9AKxGwApBABxlioc2AS\/\/8tOgAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":751,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":3,"flow_src_last_pkt_time":88832860,"flow_dst_last_pkt_time":88832463,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88832860,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5t9AAIAGvPwKAAIPaJziSMRs0ArGWKhzAKQQAlAQ+vBKBgAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":4,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88832463,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":88833232,"pkt":"UlQAEjUCCAAn5uVZCABFAAKA5uBAAIAGuqMKAAIPaJziSMRs0ArGWKhzAKQQAlAY+vC63AAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMDQuMTU2LjIyNi43Mg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704150,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88832463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88833232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":753,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":5,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88833401,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88833401,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAy0AAEAGILBonOJICgACD9AKxGwApBACxliqy1AQ\/\/9CnwAA"} 00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":754,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":3,"flow_src_last_pkt_time":88897406,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":88897406,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4Ay4AAP8Bn8YKAAICCgACDwMBvHoAAAAARQAANFAnQAB\/BsDKCgACD3p1ZE7EYyMyoRe31g=="} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":758,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":88941886,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88941886,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00530{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":758,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":1,"flow_src_last_pkt_time":88941886,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":88941886,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4ccwAAIARC\/gKAAIPS4VlXXAJzI8AJKBHjeQxAkkpJRz\/KX356SYEAwABAAUAAADDglFLQA=="} @@ -871,15 +871,15 @@ 00576{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":772,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":3,"flow_src_last_pkt_time":89584712,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":103,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":103,"pkt_l4_len":69,"thread_ts_usec":89584712,"pkt":"UlQAEjUCCAAn5uVZCABFAABZcdAAAIARC9MKAAIPS4VlXXAJzI8ARU1UTtkxAvX0Cql3HOwyFoQpokQAACYAAAABR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAA=="} 00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":774,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_packet_id":3,"flow_src_last_pkt_time":89612852,"flow_dst_last_pkt_time":89115017,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":103,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":103,"pkt_l4_len":69,"thread_ts_usec":89612852,"pkt":"UlQAEjUCCAAn5uVZCABFAABZ5uQAAIAR\/LsKAAIPaJziSHAJ0AoARRIl9XkxAr8paNvEgdBJGPDFY0QAACYAAAABR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAA=="} 00577{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":775,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_packet_id":4,"flow_src_last_pkt_time":89613083,"flow_dst_last_pkt_time":89115017,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":103,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":103,"pkt_l4_len":69,"thread_ts_usec":89613083,"pkt":"UlQAEjUCCAAn5uVZCABFAABZ5uUAAIAR\/LoKAAIPaJziSHAJ0AoARdi9+y8xAsHdF15whbDSmpI5r0QAACYAAAABR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAA=="} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":776,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":2,"flow_src_last_pkt_time":89653795,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653795,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vEJAAIAGZK0KAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":777,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":2,"flow_src_last_pkt_time":89653889,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653889,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CRAAIAGre4KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":778,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":2,"flow_src_last_pkt_time":89653915,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sx1AAIAG7QcKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":780,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":2,"flow_src_last_pkt_time":89653960,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653960,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EcFAAIAG338KAAIPYPacfsRk2wZPr5++AAAAAIAC+vDbwgAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":776,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":2,"flow_src_last_pkt_time":89653795,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653795,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vEJAAIAGZK0KAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":777,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":2,"flow_src_last_pkt_time":89653889,"flow_dst_last_pkt_time":86640432,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653889,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CRAAIAGre4KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":778,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":2,"flow_src_last_pkt_time":89653915,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sx1AAIAG7QcKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":780,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":2,"flow_src_last_pkt_time":89653960,"flow_dst_last_pkt_time":86639056,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89653960,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EcFAAIAG338KAAIPYPacfsRk2wZPr5++AAAAAIAC+vDbwgAAAgQFtAEDAwgBAQQC"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":781,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_packet_id":5,"flow_src_last_pkt_time":89613083,"flow_dst_last_pkt_time":89708664,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":112,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":112,"pkt_l4_len":78,"thread_ts_usec":89708664,"pkt":"CAAn5uVZUlQAEjUCCABFAABiAzkAAEARIF9onOJICgACD9AKcAkAToJN9XkxAr8paNvEgdBJGPDFY0QAAC8AAAACR1RLRwAAXGD61oRYBgHW6dft+VJZBEbdt40EaJziSNAKAQAAAARdL+I1N6ABPw=="} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":783,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":89732915,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89732915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":783,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":1,"flow_src_last_pkt_time":89732915,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89732915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AqRAAIAGaH4KAAIPTHc3HMRwT3sv+xA+AAAAAIAC+vCQWAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":784,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":89733458,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89733458,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":784,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":1,"flow_src_last_pkt_time":89733458,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89733458,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYFAAIAGGXcKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":783,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":89732915,"flow_dst_last_pkt_time":89732915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89732915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":783,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":1,"flow_src_last_pkt_time":89732915,"flow_dst_last_pkt_time":89732915,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89732915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AqRAAIAGaH4KAAIPTHc3HMRwT3sv+xA+AAAAAIAC+vCQWAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":784,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":89733458,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89733458,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":784,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":1,"flow_src_last_pkt_time":89733458,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89733458,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYFAAIAGGXcKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":1,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829104,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBGAAAIARhQ4KAAIPYEFEwnAJipkAWRiep7MxAim3LsYw33fFcko2zkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -952,258 +952,258 @@ 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":819,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":2,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90386058,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90386058,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0UAAEARlVpn6GtkCgACD6n0cAkC312iBkIxAi75axRUS7XsWs\/C60QAAMACAAAGR1RLRwAABkx5M4bYu4J4fOkW\/7Sl8nWo53gEZ+hrZKn0AQAAAASAlqYNFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":820,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":2,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90452008,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90452008,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0YAAEAR+vI88TDCCgACD1M1cAkC31EXqc0xAhWpgpzJQk2EqzRt70QAAMACAAAGR1RLRwAAGN\/m\/5SuT3RX9Y8zGKdBIhyITj8EPPEwwlM1AQAAAASjKCcfFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":821,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_packet_id":2,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90501070,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90501070,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0cAAEAR1dPL3Mb0CgACDwSqcAkC3641ZPExAoo7ciOaCRHkTxe8NEQAAMACAAAGR1RLRwAAEQ4bgk0QPBUYN04RWX3wJMmwXm4Ey9zG9ASqAQAAAASVBH3jFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":822,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":2,"flow_src_last_pkt_time":90684669,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90684669,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMtAAIAG1hwKAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":823,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":2,"flow_src_last_pkt_time":90684837,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90684837,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068RAAIAGCcwKAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":824,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":2,"flow_src_last_pkt_time":90684872,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90684872,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aopAAIAGZI0KAAIP3XxCIcRqMwT80GtdAAAAAIAC+vDo1QAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":826,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":90737440,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90737440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":826,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":1,"flow_src_last_pkt_time":90737440,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90737440,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg1AAIAGKkYKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":827,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90738015,"flow_src_last_pkt_time":90738015,"flow_dst_last_pkt_time":90738015,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90738015,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":827,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":1,"flow_src_last_pkt_time":90738015,"flow_dst_last_pkt_time":90738015,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90738015,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RsxAAIAGRA8KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":828,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":90738695,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90738695,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":828,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":1,"flow_src_last_pkt_time":90738695,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90738695,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYtAAIAGqNwKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":829,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90739278,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90739278,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90739278,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":829,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":1,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90739278,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90739278,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s+5AAIAGId8KAAIPYVO3lMR1IrqGMBLYAAAAAIAC+vDO8AAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":830,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90740151,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":90740151,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90740151,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":830,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":1,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":90740151,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90740151,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0th9AAIAGKegKAAIPDsj\/5cR2kMKte\/8bAAAAAIAC+vBXkgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":831,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90740683,"flow_src_last_pkt_time":90740683,"flow_dst_last_pkt_time":90740683,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90740683,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":831,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":1,"flow_src_last_pkt_time":90740683,"flow_dst_last_pkt_time":90740683,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90740683,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pBlAAIAGrCMKAAIPJo536sR3wkQjIZHBAAAAAIAC+vCN+QAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":832,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90741172,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90741172,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90741172,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":832,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":1,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90741172,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90741172,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0HOdAAIAGsV8KAAIPTTrTNMR4Dt40RJ3MAAAAAIAC+vCiOgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":833,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90741572,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":90741572,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90741572,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":833,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":1,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":90741572,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90741572,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tiBAAIAGKecKAAIPDsj\/5cR5so6\/ZuJwAAAAAIAC+vBAgwAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":834,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90741945,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90741945,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90741945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":834,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":1,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90741945,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90741945,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DzpAAIAGPpAKAAIPLoBya8R6GbLOIdYWAAAAAIAC+vBEwAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":835,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90742427,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":90742427,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90742427,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":835,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":1,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":90742427,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90742427,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TH5AAIAGD2YKAAIPy9zG9MR7BKqh2JWmAAAAAIAC+vDUmgAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":836,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90742816,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90742816,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90742816,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":836,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":1,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90742816,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90742816,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0VAAIAGinsKAAIPvD00t8R8LkyIWpaCAAAAAIAC+vBldgAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":837,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90743161,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90743161,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90743161,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":837,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":1,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90743161,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90743161,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oEFAAIAGwA4KAAIPV3s26sR903KojXlgAAAAAIAC+vAfzQAAAgQFtAEDAwgBAQQC"} -00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":838,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90743600,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90743600,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90743600,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":838,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":1,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90743600,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90743600,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03P1AAIAGv8gKAAIPS0AGr8R+EocndMkvAAAAAIAC+vBOeAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":839,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744013,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90744013,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744013,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":839,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":1,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90744013,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744013,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+\/xAAIAGUGkKAAIPWHhJ18R\/X\/Jjsy0QAAAAAIAC+vAQjAAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":840,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744462,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90744462,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744462,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":840,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":1,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90744462,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744462,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03DVAAIAGmm4KAAIPVagiacSAm+Tx8HlYAAAAAIAC+vAkUQAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":841,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":90744632,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744632,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":841,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":1,"flow_src_last_pkt_time":90744632,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744632,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MiRAAIAGHAkKAAIPXjZCUsSB+JU5M3UyAAAAAIAC+vBcCwAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":842,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744824,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":90744824,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744824,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":842,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":1,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":90744824,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744824,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uGpAAIAGyAkKAAIP3O6RUsSCgvcQKi\/TAAAAAIAC+vByWAAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":843,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745008,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90745008,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745008,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":843,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":1,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90745008,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745008,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GLNAAIAGdYoKAAIPsGOwFMSDGMp5VHLfAAAAAIAC+vA+FwAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":844,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745170,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90745170,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745170,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":844,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":1,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90745170,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745170,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0golAAIAGq4MKAAIPwSX\/gsSE8LC\/3xvGAAAAAIAC+vAWjQAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":845,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745391,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":90745391,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745391,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":845,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":1,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":90745391,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745391,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xU1AAIAGu7QKAAIPPPEwwsSFUzVU0GEOAAAAAIAC+vAsxAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":846,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":90745561,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745561,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":846,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":1,"flow_src_last_pkt_time":90745561,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745561,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4FAAIAGzRQKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":847,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745788,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":90745788,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745788,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":847,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":1,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":90745788,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745788,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0zKVAAIAG6UMKAAIPlRyjr8SHwyS+2ZeIAAAAAIAC+vBRNgAAAgQFtAEDAwgBAQQC"} -00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":848,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745963,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90745963,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745963,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":848,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":1,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90745963,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745963,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Bk5AAIAG0n4KAAIPaO6s+sSIW\/wAgZpOAAAAAIAC+vCW0wAAAgQFtAEDAwgBAQQC"} -00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":849,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746142,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90746142,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746142,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":849,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":1,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90746142,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746142,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BGFAAIAGRVEKAAIPYEFEwsSJipmyoW1hAAAAAIAC+vBT5wAAAgQFtAEDAwgBAQQC"} -00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":850,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746322,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90746322,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746322,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":850,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":1,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90746322,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746322,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iw5AAIAGft8KAAIPUAf8wMSKGugAPu54AAAAAIAC+vBNHwAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":851,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746458,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90746458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746458,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":851,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":1,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90746458,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746458,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0e4RAAIAGraEKAAIPLR+YcMSLaOPXzV5xAAAAAIAC+vA+0wAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":852,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746613,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90746613,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746613,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":852,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":1,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90746613,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746613,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xktAAIAG9NcKAAIPjoSlDcSMd2bhikpDAAAAAIAC+vDMvQAAAgQFtAEDAwgBAQQC"} -00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":853,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746756,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90746756,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746756,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":853,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":1,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90746756,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746756,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xP1AAIAGoVMKAAIPvKXLvsSNVetyIY5LAAAAAIAC+vDExgAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":854,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746915,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90746915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":854,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":1,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90746915,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Yo9AAIAGTC8KAAIPwSB+1sSO6MzJTpedAAAAAIAC+vAZ0gAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":855,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747070,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90747070,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747070,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":855,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":1,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90747070,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747070,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0OINAAIAGsckKAAIPubtKrcSP0PGcxJ9SAAAAAIAC+vCSDwAAAgQFtAEDAwgBAQQC"} -00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":856,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747315,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90747315,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747315,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":856,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":1,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90747315,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747315,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SsxAAIAGLMcKAAIPwqO0fsSQKkliYWFkAAAAAIAC+vA+TwAAAgQFtAEDAwgBAQQC"} -00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":857,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":90747448,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747448,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":857,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":1,"flow_src_last_pkt_time":90747448,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747448,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Ar9AAIAGpjAKAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":858,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747580,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90747580,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747580,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":858,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":1,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90747580,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747580,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ptBAAIAGmUcKAAIPpIQKGcSS2AZOgZ\/9AAAAAIAC+vAuWwAAAgQFtAEDAwgBAQQC"} -00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":859,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747782,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90747782,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747782,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":859,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":1,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90747782,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747782,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eN9AAIAGqLsKAAIPM0SZ1sSTZo3Cj79BAAAAAIAC+vDuAwAAAgQFtAEDAwgBAQQC"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":860,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":2,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90760006,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0kAAEAGeoC8PTS3CgACDy5MxHwAp\/gBiFqWg2AS\/\/+QwwAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":861,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":3,"flow_src_last_pkt_time":90760234,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90760234,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoc0ZAAIAGioYKAAIPvD00t8R8LkyIWpaDAKf4AlAQ+vCtjwAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":862,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":4,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90763740,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/c0dAAIAGiC4KAAIPvD00t8R8LkyIWpaDAKf4AlAY+vAZlQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODguNjEuNTIuMTgzDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":862,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742816,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90763740,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":863,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":5,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90763952,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90763952,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA0oAAEAGeoO8PTS3CgACDy5MxHwAp\/gCiFqY2lAQ\/\/+mKQAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":864,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":2,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90767342,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0sAAEAGN+GOhKUNCgACD3dmxIwAqPIB4YpKRGAS\/\/\/+CQAAAgQFtA=="} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":865,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":2,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90767744,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0wAAEAGSwNNOtM0CgACDw7exHgAqewBNESdzWAS\/\/\/ZhQAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":866,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":3,"flow_src_last_pkt_time":90767809,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90767809,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxkxAAIAG9OIKAAIPjoSlDcSMd2bhikpEAKjyAlAQ+vAa1gAA"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":867,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":3,"flow_src_last_pkt_time":90768107,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90768107,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoHOhAAIAGsWoKAAIPTTrTNMR4Dt40RJ3NAKnsAlAQ+vD2UQAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":868,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":4,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90768191,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAxk1AAIAG8okKAAIPjoSlDcSMd2bhikpEAKjyAlAY+vCEugAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNDIuMTMyLjE2NS4xMw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":868,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746613,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90768191,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":869,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":5,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90768307,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90768307,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA00AAEAGN+OOhKUNCgACD3dmxIwAqPIC4YpMnFAQ\/\/8TbwAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":870,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":2,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90768698,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA04AAEAG9E3Co7R+CgACDypJxJAAquYBYmFhZWAS\/\/97mQAAAgQFtA=="} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":871,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":4,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":90771803,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+HOlAAIAGrxMKAAIPTTrTNMR4Dt40RJ3NAKnsAlAY+vCPYAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA3Ny41OC4yMTEuNTINClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":871,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741172,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90771803,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":872,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":5,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90772019,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772019,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA08AAEAGSwRNOtM0CgACDw7exHgAqewCNESgI1AQ\/\/\/u7AAA"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":873,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":3,"flow_src_last_pkt_time":90772156,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772156,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoSs1AAIAGLNIKAAIPwqO0fsSQKkliYWFlAKrmAlAQ+vCYZQAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":874,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":2,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90772201,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1AAAEAGZwW5u0qtCgACD9DxxI8Aq+ABnMSfU2AS\/\/\/VWAAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":875,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":2,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90772397,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1EAAEAG4wi8pcu+CgACD1XrxI0ArNoBciGOTGAS\/\/8ODwAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":876,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":3,"flow_src_last_pkt_time":90772438,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772438,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoOIRAAIAGsdQKAAIPubtKrcSP0PGcxJ9TAKvgAlAQ+vDyJAAA"} -01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":877,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":4,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":90772488,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBSs5AAIAGKngKAAIPwqO0fsSQKkliYWFlAKrmAlAY+vDTOgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxOTQuMTYzLjE4MC4xMjYNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":877,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747315,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":878,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":5,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90772549,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772549,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1IAAEAG9E3Co7R+CgACDypJxJAAquYCYmFjvlAQ\/\/+Q\/QAA"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":879,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":3,"flow_src_last_pkt_time":90772602,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772602,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxP5AAIAGoV4KAAIPvKXLvsSNVetyIY5MAKzaAlAQ+vAq2wAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":880,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":4,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90772735,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAOIVAAIAGr3sKAAIPubtKrcSP0PGcxJ9TAKvgAlAY+vBR\/AAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODUuMTg3Ljc0LjE3Mw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":880,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747070,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772735,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":881,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":5,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772849,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772849,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1MAAEAGZwa5u0qtCgACD9DxxI8Aq+ACnMShq1AQ\/\/\/qvQAA"} -01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":882,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":4,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":90772949,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBxP9AAIAGnwQKAAIPvKXLvsSNVetyIY5MAKzaAlAY+vBnrAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODguMTY1LjIwMy4xOTANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":882,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746756,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772949,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":883,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":5,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90773045,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90773045,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1QAAEAG4wm8pcu+CgACD1XrxI0ArNoCciGQpVAQ\/\/8jcwAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":884,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":2,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776532,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1UAAEAGyRlYeEnXCgACD1\/yxH8ArdQBY7MtEWAS\/\/9f0wAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":885,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":2,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776723,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1YAAEAGK3HBIH7WCgACD+jMxI4Ars4ByU6XnmAS\/\/9vGAAAAgQFtA=="} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":886,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":3,"flow_src_last_pkt_time":90776781,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90776781,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo+\/1AAIAGUHQKAAIPWHhJ18R\/X\/Jjsy0RAK3UAlAQ+vB8nwAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":887,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":2,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776891,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1cAAEAGVX5o7qz6CgACD1v8xIgAr8gBAIGaT2AS\/\/\/yGAAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":888,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":3,"flow_src_last_pkt_time":90776939,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90776939,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoYpBAAIAGTDoKAAIPwSB+1sSO6MzJTpeeAK7OAlAQ+vCL5AAA"} -01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":889,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":4,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90776965,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/+\/5AAIAGThwKAAIPWHhJ18R\/X\/Jjsy0RAK3UAlAY+vDrpwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4OC4xMjAuNzMuMjE1DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":889,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744013,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90776965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":890,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":5,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90777020,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777020,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1gAAEAGyRpYeEnXCgACD1\/yxH8ArdQCY7MvaFAQ\/\/91OQAA"} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":891,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":3,"flow_src_last_pkt_time":90777173,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777173,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoBk9AAIAG0okKAAIPaO6s+sSIW\/wAgZpPAK\/IAlAQ+vAO5QAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":892,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":4,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90777390,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAYpFAAIAGSeEKAAIPwSB+1sSO6MzJTpeeAK7OAlAY+vDpzwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxOTMuMzIuMTI2LjIxNA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":892,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746915,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777390,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":893,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":5,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90777540,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777540,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1kAAEAGK3LBIH7WCgACD+jMxI4Ars4CyU6Z9lAQ\/\/+EfQAA"} -01314{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":894,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":4,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":90777612,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBBlBAAIAG0C8KAAIPaO6s+sSIW\/wAgZpPAK\/IAlAY+vBTtwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMDQuMjM4LjE3Mi4yNTANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":894,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745963,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777612,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":895,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":5,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90777709,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777709,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1oAAEAGVX9o7qz6CgACD1v8xIgAr8gCAIGcqFAQ\/\/8HfQAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":901,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":2,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90784857,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA14AAEAG805VqCJpCgACD5vkxIAAsMIB8fB5WWAS\/\/+FlQAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":902,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":2,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90784998,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA18AAEAG3PlXezbqCgACD9NyxH0AsbwBqI15YWAS\/\/+HEAAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":903,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":3,"flow_src_last_pkt_time":90785086,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785086,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo3DZAAIAGmnkKAAIPVagiacSAm+Tx8HlZALDCAlAQ+vCiYQAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":904,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":2,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90785152,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA2AAAEAGnkMzRJnWCgACD2aNxJMAsrYBwo+\/QmAS\/\/9bRgAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":3,"flow_src_last_pkt_time":90785220,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785220,"pkt":"UlQAEjUCCAAn5uVZCABFAAAooEJAAIAGwBkKAAIPV3s26sR903KojXlhALG8AlAQ+vCj3AAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":906,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":4,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90785248,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/3DdAAIAGmCEKAAIPVagiacSAm+Tx8HlZALDCAlAY+vARZgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4NS4xNjguMzQuMTA1DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":906,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744462,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":907,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":5,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90785318,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785318,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2EAAEAG809VqCJpCgACD5vkxIAAsMIC8fB7sFAQ\/\/+a+wAA"} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":908,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":3,"flow_src_last_pkt_time":90785342,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785342,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoeOBAAIAGqMYKAAIPM0SZ1sSTZo3Cj79CALK2AlAQ+vB4EgAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":909,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":4,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90785552,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/eOFAAIAGpm4KAAIPM0SZ1sSTZo3Cj79CALK2AlAY+vDtFQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA1MS42OC4xNTMuMjE0DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":909,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747782,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":910,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":5,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785643,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785643,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2IAAEAGnkUzRJnWCgACD2aNxJMAsrYCwo\/BmVAQ\/\/9wrAAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":911,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":4,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90785663,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/oENAAIAGvcEKAAIPV3s26sR903KojXlhALG8AlAY+vAQ5QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4Ny4xMjMuNTQuMjM0DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":911,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743161,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":912,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":5,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90785746,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785746,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2MAAEAG3PlXezbqCgACD9NyxH0AsbwCqI17uFAQ\/\/+cdgAA"} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":918,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":2,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90787996,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA2cAAEAGHo9QB\/zACgACDxroxIoAs7ABAD7ueWAS\/\/\/AYAAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":919,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":3,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90787996,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoIw9AAIAGfuoKAAIPUAf8wMSKGugAPu55ALOwAlAQ+vDdLAAA"} -00866{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":920,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":4,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":318,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":318,"pkt_l4_len":284,"thread_ts_usec":90787996,"pkt":"UlQAEjUCCAAn5uVZCABFAAEwIxBAAIAGfeEKAAIPUAf8wMSKGugAPu55ALOwAlAY+vCaNQAAFgMBAQMBAAD\/AwNiJQp+8saRTGn5FOybSdB1cukDK58nNQ\/S5GTjEfxYrwAAjMArwCzAhsCHwAnAI8AKwCTAcsBzwKzArcAIwC\/AMMCKwIvAE8AnwBTAKMB2wHfAEgCcAJ3AesB7AC8APAA1AD0AQQC6AIQAwMCcwJ0ACgCeAJ\/AfMB9ADMAZwA5AGsARQC+AIgAxMCewJ8AFsAYwBnAFwCmAKfAhMCFADQAbAA6AG0ARgC\/AIkAxQAbAQAASgAXAAAAFgAAAAUABQEAAAAA\/wEAAQAAIwAAAAoADAAKABcAGAAZABUAEwALAAIBAAANABYAFAQBBAMFAQUDBgEGAwMBAwMCAQID"} -01395{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":920,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90787996,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":921,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":5,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90787996,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2gAAEAGHpJQB\/zACgACDxroxIoAs7ACAD7vgVAQ\/\/\/XFQAA"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":930,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":2,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90795846,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA24AAEAGymQugHJrCgACDxmyxHoAtKoBziHWF2AS\/\/++AAAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":932,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":3,"flow_src_last_pkt_time":90796080,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90796080,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoDztAAIAGPpsKAAIPLoBya8R6GbLOIdYXALSqAlAQ+vDazAAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":938,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":2,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90799214,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA3IAAEAGvK6khAoZCgACD9gGxJIAtaQBToGf\/mAS\/\/+tmgAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":939,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":3,"flow_src_last_pkt_time":90799383,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90799383,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoptFAAIAGmVIKAAIPpIQKGcSS2AZOgZ\/+ALWkAlAQ+vDKZgAA"} -01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":942,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":4,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90799783,"pkt":"UlQAEjUCCAAn5uVZCABFAAKADzxAAIAGPEIKAAIPLoBya8R6GbLOIdYXALSqAlAY+vAyvQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0Ni4xMjguMTE0LjEwNw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":942,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741945,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90799783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":943,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":5,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90799905,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90799905,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA3QAAEAGymIugHJrCgACDxmyxHoAtKoCziHYb1AQ\/\/\/TZQAA"} -01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":944,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":4,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90800133,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/ptJAAIAGlvoKAAIPpIQKGcSS2AZOgZ\/+ALWkAlAY+vBBcwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNjQuMTMyLjEwLjI1DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":944,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747580,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90800133,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":945,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":5,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90800260,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90800260,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA3UAAEAGvK+khAoZCgACD9gGxJIAtaQCToGiVVAQ\/\/\/DAAAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":946,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":2,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90800891,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA3YAAEAGCtCwY7AUCgACDxjKxIMAtp4BeVRy4GAS\/\/\/DVQAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":947,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":3,"flow_src_last_pkt_time":90801069,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90801069,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoGLRAAIAGdZUKAAIPsGOwFMSDGMp5VHLgALaeAlAQ+vDgIQAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":948,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":4,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90801264,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/GLVAAIAGcz0KAAIPsGOwFMSDGMp5VHLgALaeAlAY+vBHJwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNzYuOTkuMTc2LjIwDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":948,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745008,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90801264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":949,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":5,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90801414,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90801414,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA3cAAEAGCtOwY7AUCgACDxjKxIMAtp4CeVR1N1AQ\/\/\/YuwAA"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":822,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":2,"flow_src_last_pkt_time":90684669,"flow_dst_last_pkt_time":87670084,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90684669,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMtAAIAG1hwKAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":823,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":2,"flow_src_last_pkt_time":90684837,"flow_dst_last_pkt_time":87670730,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90684837,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068RAAIAGCcwKAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":824,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":2,"flow_src_last_pkt_time":90684872,"flow_dst_last_pkt_time":87671361,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90684872,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aopAAIAGZI0KAAIP3XxCIcRqMwT80GtdAAAAAIAC+vDo1QAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":826,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":90737440,"flow_dst_last_pkt_time":90737440,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90737440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":826,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":1,"flow_src_last_pkt_time":90737440,"flow_dst_last_pkt_time":90737440,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90737440,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg1AAIAGKkYKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":827,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90738015,"flow_src_last_pkt_time":90738015,"flow_dst_last_pkt_time":90738015,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90738015,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":827,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":1,"flow_src_last_pkt_time":90738015,"flow_dst_last_pkt_time":90738015,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90738015,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RsxAAIAGRA8KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":828,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":90738695,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90738695,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":828,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":1,"flow_src_last_pkt_time":90738695,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90738695,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYtAAIAGqNwKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":829,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90739278,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90739278,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90739278,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":829,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":1,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90739278,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90739278,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s+5AAIAGId8KAAIPYVO3lMR1IrqGMBLYAAAAAIAC+vDO8AAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":830,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90740151,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":90740151,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90740151,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":830,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":1,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":90740151,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90740151,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0th9AAIAGKegKAAIPDsj\/5cR2kMKte\/8bAAAAAIAC+vBXkgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":831,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90740683,"flow_src_last_pkt_time":90740683,"flow_dst_last_pkt_time":90740683,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90740683,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":831,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":1,"flow_src_last_pkt_time":90740683,"flow_dst_last_pkt_time":90740683,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90740683,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0pBlAAIAGrCMKAAIPJo536sR3wkQjIZHBAAAAAIAC+vCN+QAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":832,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90741172,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90741172,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90741172,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":832,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":1,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90741172,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90741172,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0HOdAAIAGsV8KAAIPTTrTNMR4Dt40RJ3MAAAAAIAC+vCiOgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":833,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90741572,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":90741572,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90741572,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":833,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":1,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":90741572,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90741572,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tiBAAIAGKecKAAIPDsj\/5cR5so6\/ZuJwAAAAAIAC+vBAgwAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":834,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90741945,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90741945,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90741945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":834,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":1,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90741945,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90741945,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DzpAAIAGPpAKAAIPLoBya8R6GbLOIdYWAAAAAIAC+vBEwAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":835,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90742427,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":90742427,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90742427,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":835,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":1,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":90742427,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90742427,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TH5AAIAGD2YKAAIPy9zG9MR7BKqh2JWmAAAAAIAC+vDUmgAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":836,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90742816,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90742816,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90742816,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":836,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":1,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90742816,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90742816,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0VAAIAGinsKAAIPvD00t8R8LkyIWpaCAAAAAIAC+vBldgAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":837,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90743161,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90743161,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90743161,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":837,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":1,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90743161,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90743161,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oEFAAIAGwA4KAAIPV3s26sR903KojXlgAAAAAIAC+vAfzQAAAgQFtAEDAwgBAQQC"} +00742{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":838,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90743600,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90743600,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90743600,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":838,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":1,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90743600,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90743600,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03P1AAIAGv8gKAAIPS0AGr8R+EocndMkvAAAAAIAC+vBOeAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":839,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744013,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90744013,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744013,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":839,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":1,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90744013,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744013,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+\/xAAIAGUGkKAAIPWHhJ18R\/X\/Jjsy0QAAAAAIAC+vAQjAAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":840,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744462,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90744462,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744462,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":840,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":1,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90744462,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744462,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03DVAAIAGmm4KAAIPVagiacSAm+Tx8HlYAAAAAIAC+vAkUQAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":841,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":90744632,"flow_dst_last_pkt_time":90744632,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744632,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":841,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":1,"flow_src_last_pkt_time":90744632,"flow_dst_last_pkt_time":90744632,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744632,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MiRAAIAGHAkKAAIPXjZCUsSB+JU5M3UyAAAAAIAC+vBcCwAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":842,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90744824,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":90744824,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90744824,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":842,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":1,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":90744824,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90744824,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uGpAAIAGyAkKAAIP3O6RUsSCgvcQKi\/TAAAAAIAC+vByWAAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":843,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745008,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90745008,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745008,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":843,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":1,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90745008,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745008,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GLNAAIAGdYoKAAIPsGOwFMSDGMp5VHLfAAAAAIAC+vA+FwAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":844,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745170,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90745170,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745170,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":844,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":1,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90745170,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745170,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0golAAIAGq4MKAAIPwSX\/gsSE8LC\/3xvGAAAAAIAC+vAWjQAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":845,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745391,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":90745391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745391,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":845,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":1,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":90745391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745391,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xU1AAIAGu7QKAAIPPPEwwsSFUzVU0GEOAAAAAIAC+vAsxAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":846,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":90745561,"flow_dst_last_pkt_time":90745561,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745561,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":846,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":1,"flow_src_last_pkt_time":90745561,"flow_dst_last_pkt_time":90745561,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745561,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4FAAIAGzRQKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":847,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745788,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":90745788,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745788,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":847,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":1,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":90745788,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745788,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0zKVAAIAG6UMKAAIPlRyjr8SHwyS+2ZeIAAAAAIAC+vBRNgAAAgQFtAEDAwgBAQQC"} +00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":848,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90745963,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90745963,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90745963,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":848,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":1,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90745963,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90745963,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Bk5AAIAG0n4KAAIPaO6s+sSIW\/wAgZpOAAAAAIAC+vCW0wAAAgQFtAEDAwgBAQQC"} +00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":849,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746142,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90746142,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746142,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":849,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":1,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90746142,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746142,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BGFAAIAGRVEKAAIPYEFEwsSJipmyoW1hAAAAAIAC+vBT5wAAAgQFtAEDAwgBAQQC"} +00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":850,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746322,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90746322,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746322,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":850,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":1,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90746322,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746322,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iw5AAIAGft8KAAIPUAf8wMSKGugAPu54AAAAAIAC+vBNHwAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":851,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746458,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90746458,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746458,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":851,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":1,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90746458,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746458,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0e4RAAIAGraEKAAIPLR+YcMSLaOPXzV5xAAAAAIAC+vA+0wAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":852,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746613,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90746613,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746613,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":852,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":1,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90746613,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746613,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xktAAIAG9NcKAAIPjoSlDcSMd2bhikpDAAAAAIAC+vDMvQAAAgQFtAEDAwgBAQQC"} +00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":853,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746756,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90746756,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746756,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":853,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":1,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90746756,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746756,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xP1AAIAGoVMKAAIPvKXLvsSNVetyIY5LAAAAAIAC+vDExgAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":854,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90746915,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90746915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90746915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":854,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":1,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90746915,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90746915,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Yo9AAIAGTC8KAAIPwSB+1sSO6MzJTpedAAAAAIAC+vAZ0gAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":855,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747070,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90747070,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747070,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":855,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":1,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90747070,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747070,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0OINAAIAGsckKAAIPubtKrcSP0PGcxJ9SAAAAAIAC+vCSDwAAAgQFtAEDAwgBAQQC"} +00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":856,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747315,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90747315,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747315,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":856,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":1,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90747315,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747315,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SsxAAIAGLMcKAAIPwqO0fsSQKkliYWFkAAAAAIAC+vA+TwAAAgQFtAEDAwgBAQQC"} +00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":857,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":90747448,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747448,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":857,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":1,"flow_src_last_pkt_time":90747448,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747448,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Ar9AAIAGpjAKAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":858,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747580,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90747580,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747580,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":858,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":1,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90747580,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747580,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ptBAAIAGmUcKAAIPpIQKGcSS2AZOgZ\/9AAAAAIAC+vAuWwAAAgQFtAEDAwgBAQQC"} +00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":859,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90747782,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90747782,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90747782,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":859,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":1,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90747782,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747782,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eN9AAIAGqLsKAAIPM0SZ1sSTZo3Cj79BAAAAAIAC+vDuAwAAAgQFtAEDAwgBAQQC"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":860,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":2,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90760006,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90760006,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0kAAEAGeoC8PTS3CgACDy5MxHwAp\/gBiFqWg2AS\/\/+QwwAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":861,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":3,"flow_src_last_pkt_time":90760234,"flow_dst_last_pkt_time":90760006,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90760234,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoc0ZAAIAGioYKAAIPvD00t8R8LkyIWpaDAKf4AlAQ+vCtjwAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":862,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":4,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90760006,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90763740,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/c0dAAIAGiC4KAAIPvD00t8R8LkyIWpaDAKf4AlAY+vAZlQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODguNjEuNTIuMTgzDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":862,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742816,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90760006,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90763740,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":863,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":5,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90763952,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90763952,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA0oAAEAGeoO8PTS3CgACDy5MxHwAp\/gCiFqY2lAQ\/\/+mKQAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":864,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":2,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90767342,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90767342,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0sAAEAGN+GOhKUNCgACD3dmxIwAqPIB4YpKRGAS\/\/\/+CQAAAgQFtA=="} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":865,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":2,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90767744,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90767744,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0wAAEAGSwNNOtM0CgACDw7exHgAqewBNESdzWAS\/\/\/ZhQAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":866,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":3,"flow_src_last_pkt_time":90767809,"flow_dst_last_pkt_time":90767342,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90767809,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxkxAAIAG9OIKAAIPjoSlDcSMd2bhikpEAKjyAlAQ+vAa1gAA"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":867,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":3,"flow_src_last_pkt_time":90768107,"flow_dst_last_pkt_time":90767744,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90768107,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoHOhAAIAGsWoKAAIPTTrTNMR4Dt40RJ3NAKnsAlAQ+vD2UQAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":868,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":4,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90767342,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90768191,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAxk1AAIAG8okKAAIPjoSlDcSMd2bhikpEAKjyAlAY+vCEugAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNDIuMTMyLjE2NS4xMw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":868,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746613,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90767342,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90768191,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":869,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":5,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90768307,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90768307,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA00AAEAGN+OOhKUNCgACD3dmxIwAqPIC4YpMnFAQ\/\/8TbwAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":870,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":2,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90768698,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90768698,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA04AAEAG9E3Co7R+CgACDypJxJAAquYBYmFhZWAS\/\/97mQAAAgQFtA=="} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":871,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":4,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90767744,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":90771803,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+HOlAAIAGrxMKAAIPTTrTNMR4Dt40RJ3NAKnsAlAY+vCPYAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA3Ny41OC4yMTEuNTINClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":871,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741172,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90767744,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90771803,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":872,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":5,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90772019,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772019,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA08AAEAGSwRNOtM0CgACDw7exHgAqewCNESgI1AQ\/\/\/u7AAA"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":873,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":3,"flow_src_last_pkt_time":90772156,"flow_dst_last_pkt_time":90768698,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772156,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoSs1AAIAGLNIKAAIPwqO0fsSQKkliYWFlAKrmAlAQ+vCYZQAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":874,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":2,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90772201,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90772201,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1AAAEAGZwW5u0qtCgACD9DxxI8Aq+ABnMSfU2AS\/\/\/VWAAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":875,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":2,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90772397,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90772397,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1EAAEAG4wi8pcu+CgACD1XrxI0ArNoBciGOTGAS\/\/8ODwAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":876,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":3,"flow_src_last_pkt_time":90772438,"flow_dst_last_pkt_time":90772201,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772438,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoOIRAAIAGsdQKAAIPubtKrcSP0PGcxJ9TAKvgAlAQ+vDyJAAA"} +01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":877,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":4,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90768698,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":90772488,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBSs5AAIAGKngKAAIPwqO0fsSQKkliYWFlAKrmAlAY+vDTOgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxOTQuMTYzLjE4MC4xMjYNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":877,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747315,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90768698,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":878,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":5,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90772549,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772549,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1IAAEAG9E3Co7R+CgACDypJxJAAquYCYmFjvlAQ\/\/+Q\/QAA"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":879,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":3,"flow_src_last_pkt_time":90772602,"flow_dst_last_pkt_time":90772397,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772602,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxP5AAIAGoV4KAAIPvKXLvsSNVetyIY5MAKzaAlAQ+vAq2wAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":880,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":4,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772201,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90772735,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAOIVAAIAGr3sKAAIPubtKrcSP0PGcxJ9TAKvgAlAY+vBR\/AAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODUuMTg3Ljc0LjE3Mw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":880,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747070,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772201,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772735,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":881,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":5,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772849,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772849,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1MAAEAGZwa5u0qtCgACD9DxxI8Aq+ACnMShq1AQ\/\/\/qvQAA"} +01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":882,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":4,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90772397,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":90772949,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBxP9AAIAGnwQKAAIPvKXLvsSNVetyIY5MAKzaAlAY+vBnrAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxODguMTY1LjIwMy4xOTANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":882,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746756,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90772397,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772949,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":883,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":5,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90773045,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90773045,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1QAAEAG4wm8pcu+CgACD1XrxI0ArNoCciGQpVAQ\/\/8jcwAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":884,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":2,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90776532,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776532,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1UAAEAGyRlYeEnXCgACD1\/yxH8ArdQBY7MtEWAS\/\/9f0wAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":885,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":2,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90776723,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776723,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1YAAEAGK3HBIH7WCgACD+jMxI4Ars4ByU6XnmAS\/\/9vGAAAAgQFtA=="} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":886,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":3,"flow_src_last_pkt_time":90776781,"flow_dst_last_pkt_time":90776532,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90776781,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo+\/1AAIAGUHQKAAIPWHhJ18R\/X\/Jjsy0RAK3UAlAQ+vB8nwAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":887,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":2,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90776891,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776891,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1cAAEAGVX5o7qz6CgACD1v8xIgAr8gBAIGaT2AS\/\/\/yGAAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":888,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":3,"flow_src_last_pkt_time":90776939,"flow_dst_last_pkt_time":90776723,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90776939,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoYpBAAIAGTDoKAAIPwSB+1sSO6MzJTpeeAK7OAlAQ+vCL5AAA"} +01312{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":889,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":4,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90776532,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90776965,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/+\/5AAIAGThwKAAIPWHhJ18R\/X\/Jjsy0RAK3UAlAY+vDrpwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4OC4xMjAuNzMuMjE1DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":889,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744013,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90776532,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90776965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":890,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":5,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90777020,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777020,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1gAAEAGyRpYeEnXCgACD1\/yxH8ArdQCY7MvaFAQ\/\/91OQAA"} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":891,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":3,"flow_src_last_pkt_time":90777173,"flow_dst_last_pkt_time":90776891,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777173,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoBk9AAIAG0okKAAIPaO6s+sSIW\/wAgZpPAK\/IAlAQ+vAO5QAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":892,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":4,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90776723,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90777390,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAYpFAAIAGSeEKAAIPwSB+1sSO6MzJTpeeAK7OAlAY+vDpzwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxOTMuMzIuMTI2LjIxNA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":892,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746915,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90776723,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777390,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":893,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":5,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90777540,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777540,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1kAAEAGK3LBIH7WCgACD+jMxI4Ars4CyU6Z9lAQ\/\/+EfQAA"} +01314{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":894,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":4,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90776891,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":90777612,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBBlBAAIAG0C8KAAIPaO6s+sSIW\/wAgZpPAK\/IAlAY+vBTtwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxMDQuMjM4LjE3Mi4yNTANClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":894,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745963,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90776891,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777612,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":895,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":5,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90777709,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777709,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA1oAAEAGVX9o7qz6CgACD1v8xIgAr8gCAIGcqFAQ\/\/8HfQAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":901,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":2,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90784857,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90784857,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA14AAEAG805VqCJpCgACD5vkxIAAsMIB8fB5WWAS\/\/+FlQAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":902,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":2,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90784998,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90784998,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA18AAEAG3PlXezbqCgACD9NyxH0AsbwBqI15YWAS\/\/+HEAAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":903,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":3,"flow_src_last_pkt_time":90785086,"flow_dst_last_pkt_time":90784857,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785086,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo3DZAAIAGmnkKAAIPVagiacSAm+Tx8HlZALDCAlAQ+vCiYQAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":904,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":2,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90785152,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90785152,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA2AAAEAGnkMzRJnWCgACD2aNxJMAsrYBwo+\/QmAS\/\/9bRgAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":3,"flow_src_last_pkt_time":90785220,"flow_dst_last_pkt_time":90784998,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785220,"pkt":"UlQAEjUCCAAn5uVZCABFAAAooEJAAIAGwBkKAAIPV3s26sR903KojXlhALG8AlAQ+vCj3AAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":906,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":4,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90784857,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90785248,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/3DdAAIAGmCEKAAIPVagiacSAm+Tx8HlZALDCAlAY+vARZgAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4NS4xNjguMzQuMTA1DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":906,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744462,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90784857,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":907,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":5,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90785318,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785318,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2EAAEAG809VqCJpCgACD5vkxIAAsMIC8fB7sFAQ\/\/+a+wAA"} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":908,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":3,"flow_src_last_pkt_time":90785342,"flow_dst_last_pkt_time":90785152,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785342,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoeOBAAIAGqMYKAAIPM0SZ1sSTZo3Cj79CALK2AlAQ+vB4EgAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":909,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":4,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785152,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90785552,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/eOFAAIAGpm4KAAIPM0SZ1sSTZo3Cj79CALK2AlAY+vDtFQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA1MS42OC4xNTMuMjE0DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":909,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747782,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785152,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":910,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":5,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785643,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785643,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2IAAEAGnkUzRJnWCgACD2aNxJMAsrYCwo\/BmVAQ\/\/9wrAAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":911,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":4,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90784998,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90785663,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/oENAAIAGvcEKAAIPV3s26sR903KojXlhALG8AlAY+vAQ5QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA4Ny4xMjMuNTQuMjM0DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":911,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743161,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90784998,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":912,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":5,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90785746,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785746,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2MAAEAG3PlXezbqCgACD9NyxH0AsbwCqI17uFAQ\/\/+cdgAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":918,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":2,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90787996,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90787996,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA2cAAEAGHo9QB\/zACgACDxroxIoAs7ABAD7ueWAS\/\/\/AYAAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":919,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":3,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90787996,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoIw9AAIAGfuoKAAIPUAf8wMSKGugAPu55ALOwAlAQ+vDdLAAA"} +00866{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":920,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":4,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":318,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":318,"pkt_l4_len":284,"thread_ts_usec":90787996,"pkt":"UlQAEjUCCAAn5uVZCABFAAEwIxBAAIAGfeEKAAIPUAf8wMSKGugAPu55ALOwAlAY+vCaNQAAFgMBAQMBAAD\/AwNiJQp+8saRTGn5FOybSdB1cukDK58nNQ\/S5GTjEfxYrwAAjMArwCzAhsCHwAnAI8AKwCTAcsBzwKzArcAIwC\/AMMCKwIvAE8AnwBTAKMB2wHfAEgCcAJ3AesB7AC8APAA1AD0AQQC6AIQAwMCcwJ0ACgCeAJ\/AfMB9ADMAZwA5AGsARQC+AIgAxMCewJ8AFsAYwBnAFwCmAKfAhMCFADQAbAA6AG0ARgC\/AIkAxQAbAQAASgAXAAAAFgAAAAUABQEAAAAA\/wEAAQAAIwAAAAoADAAKABcAGAAZABUAEwALAAIBAAANABYAFAQBBAMFAQUDBgEGAwMBAwMCAQID"} +01395{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":920,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90787996,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":921,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":5,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90787996,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA2gAAEAGHpJQB\/zACgACDxroxIoAs7ACAD7vgVAQ\/\/\/XFQAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":930,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":2,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90795846,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90795846,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA24AAEAGymQugHJrCgACDxmyxHoAtKoBziHWF2AS\/\/++AAAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":932,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":3,"flow_src_last_pkt_time":90796080,"flow_dst_last_pkt_time":90795846,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90796080,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoDztAAIAGPpsKAAIPLoBya8R6GbLOIdYXALSqAlAQ+vDazAAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":938,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":2,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90799214,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90799214,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA3IAAEAGvK6khAoZCgACD9gGxJIAtaQBToGf\/mAS\/\/+tmgAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":939,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":3,"flow_src_last_pkt_time":90799383,"flow_dst_last_pkt_time":90799214,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90799383,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoptFAAIAGmVIKAAIPpIQKGcSS2AZOgZ\/+ALWkAlAQ+vDKZgAA"} +01308{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":942,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":4,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90795846,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90799783,"pkt":"UlQAEjUCCAAn5uVZCABFAAKADzxAAIAGPEIKAAIPLoBya8R6GbLOIdYXALSqAlAY+vAyvQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0Ni4xMjguMTE0LjEwNw0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":942,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741945,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90795846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90799783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":943,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":5,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90799905,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90799905,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA3QAAEAGymIugHJrCgACDxmyxHoAtKoCziHYb1AQ\/\/\/TZQAA"} +01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":944,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":4,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90799214,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90800133,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/ptJAAIAGlvoKAAIPpIQKGcSS2AZOgZ\/+ALWkAlAY+vBBcwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNjQuMTMyLjEwLjI1DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":944,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747580,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90799214,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90800133,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":945,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":5,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90800260,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90800260,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA3UAAEAGvK+khAoZCgACD9gGxJIAtaQCToGiVVAQ\/\/\/DAAAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":946,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":2,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90800891,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90800891,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA3YAAEAGCtCwY7AUCgACDxjKxIMAtp4BeVRy4GAS\/\/\/DVQAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":947,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":3,"flow_src_last_pkt_time":90801069,"flow_dst_last_pkt_time":90800891,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90801069,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoGLRAAIAGdZUKAAIPsGOwFMSDGMp5VHLgALaeAlAQ+vDgIQAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":948,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":4,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90800891,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90801264,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/GLVAAIAGcz0KAAIPsGOwFMSDGMp5VHLgALaeAlAY+vBHJwAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNzYuOTkuMTc2LjIwDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":948,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745008,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90800891,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90801264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":949,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":5,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90801414,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90801414,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA3cAAEAGCtOwY7AUCgACDxjKxIMAtp4CeVR1N1AQ\/\/\/YuwAA"} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":964,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90809634,"flow_src_last_pkt_time":90809634,"flow_dst_last_pkt_time":90809634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90809634,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":964,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":1,"flow_src_last_pkt_time":90809634,"flow_dst_last_pkt_time":90809634,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90809634,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4BlIAAIAREmwKAAIPaO6s+nAJW\/wAJA6KHB0xAtgN+vD\/0M\/t\/ONIAwABAAUAAADDglFLQA=="} 00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":986,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":2,"flow_src_last_pkt_time":90809634,"flow_dst_last_pkt_time":90840335,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":143,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":143,"pkt_l4_len":109,"thread_ts_usec":90840335,"pkt":"CAAn5uVZUlQAEjUCCABFAACBA44AAEARVOdo7qz6CgACD1v8cAkAbdSrHB0xAtgN+vD\/0M\/t\/ONIAwEBAE4AAAD8W2jurPoAAAAACAAAAMMCVkNFR1RLR2IDR1VFQQICVVBDAgEGAkRVQl9jATZQIAEZ8HQAiAgAAAAAAAEAAQNESFRDAAABglFLRIDlHEU="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":994,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":2,"flow_src_last_pkt_time":90740683,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90843516,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA5MAAEAGzLImjnfqCgACD8JExHcAt5gBIyGRwmAS\/\/8ZNwAAAgQFtA=="} -00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":997,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":3,"flow_src_last_pkt_time":90843712,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90843712,"pkt":"UlQAEjUCCAAn5uVZCABFAAAopBpAAIAGrC4KAAIPJo536sR3wkQjIZHCALeYAlAQ+vA2AwAA"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":994,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":2,"flow_src_last_pkt_time":90740683,"flow_dst_last_pkt_time":90843516,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90843516,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA5MAAEAGzLImjnfqCgACD8JExHcAt5gBIyGRwmAS\/\/8ZNwAAAgQFtA=="} +00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":997,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":3,"flow_src_last_pkt_time":90843712,"flow_dst_last_pkt_time":90843516,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90843712,"pkt":"UlQAEjUCCAAn5uVZCABFAAAopBpAAIAGrC4KAAIPJo536sR3wkQjIZHCALeYAlAQ+vA2AwAA"} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90845230,"flow_src_last_pkt_time":90845230,"flow_dst_last_pkt_time":90845230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90845230,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":1,"flow_src_last_pkt_time":90845230,"flow_dst_last_pkt_time":90845230,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90845230,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4c0wAAIARymUKAAIPvD00t3AJLkwAJK1JGu4xAkJx0f\/\/24\/JSJ6wAwABAAUAAADDglFLQA=="} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1005,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":4,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90850187,"pkt":"UlQAEjUCCAAn5uVZCABFAAKApBtAAIAGqdUKAAIPJo536sR3wkQjIZHCALeYAlAY+vCO7wAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAzOC4xNDIuMTE5LjIzNA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1005,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740683,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90850187,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1006,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":5,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90850267,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90850267,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA5kAAEAGzLAmjnfqCgACD8JExHcAt5gCIyGUGlAQ\/\/8unAAA"} -01928{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1011,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90857440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":90857440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"6": {"risk":"Self-signed Cert","severity":"High","risk_score": {"total":300,"client":270,"server":30}},"9": {"risk":"TLS Cert Expired","severity":"High","risk_score": {"total":160,"client":140,"server":20}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}},"32": {"risk":"TLS Cert Validity Too Long","severity":"Medium","risk_score": {"total":50,"client":25,"server":25}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"1249fb68f48c0444718e4d3b48b27188","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"CN=gtk-gnutella\/1.2.1","subjectDN":"CN=gtk-gnutella\/1.2.1","fingerprint":"E8:DD:F0:B2:FF:8C:27:5A:12:75:D4:AE:60:1B:D9:87:E8:FF:45:93"}}} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1005,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":4,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90843516,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90850187,"pkt":"UlQAEjUCCAAn5uVZCABFAAKApBtAAIAGqdUKAAIPJo536sR3wkQjIZHCALeYAlAY+vCO7wAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAzOC4xNDIuMTE5LjIzNA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1005,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740683,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90843516,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90850187,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1006,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":5,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90850267,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90850267,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA5kAAEAGzLAmjnfqCgACD8JExHcAt5gCIyGUGlAQ\/\/8unAAA"} +01928{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1011,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90857440,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":90857440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"6": {"risk":"Self-signed Cert","severity":"High","risk_score": {"total":300,"client":270,"server":30}},"9": {"risk":"TLS Cert Expired","severity":"High","risk_score": {"total":160,"client":140,"server":20}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}},"32": {"risk":"TLS Cert Validity Too Long","severity":"Medium","risk_score": {"total":50,"client":25,"server":25}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"1249fb68f48c0444718e4d3b48b27188","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"CN=gtk-gnutella\/1.2.1","subjectDN":"CN=gtk-gnutella\/1.2.1","fingerprint":"E8:DD:F0:B2:FF:8C:27:5A:12:75:D4:AE:60:1B:D9:87:E8:FF:45:93"}}} 00614{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1016,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":2,"flow_src_last_pkt_time":90845230,"flow_dst_last_pkt_time":90857929,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":130,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":130,"pkt_l4_len":96,"thread_ts_usec":90857929,"pkt":"CAAn5uVZUlQAEjUCCABFAAB0A6AAAEAReda8PTS3CgACDy5McAkAYD84Gu4xAkJx0f\/\/24\/JSJ6wAwEBAEEAAABMLrw9NLcAAAAACAAAAMMCVkNFR1RLR1cDR1VFQQICVVBDAgEHAkRVQ4BRAQNUTFNAA0RIVEMAAAGCUUtE7kD0pA=="} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1026,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90864578,"flow_src_last_pkt_time":90864578,"flow_dst_last_pkt_time":90864578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90864578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1026,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":1,"flow_src_last_pkt_time":90864578,"flow_dst_last_pkt_time":90864578,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90864578,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4OIoAAIAR8bMKAAIPubtKrXAJ0PEAJMQW\/3wxAm1gREr\/fw\/7dxmzAwABAAUAAADDglFLQA=="} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1030,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90871417,"flow_src_last_pkt_time":90871417,"flow_dst_last_pkt_time":90871417,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90871417,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1030,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":1,"flow_src_last_pkt_time":90871417,"flow_dst_last_pkt_time":90871417,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90871417,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4xlIAAIARNMIKAAIPjoSlDXAJd2YAJJzV5\/IxAvsVo43\/HfOSkBgzAwABAAUAAADDglFLQA=="} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1031,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":2,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90872628,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA6gAAEAGqm3BJf+CCgACD\/CwxIQAuJIBv98bx2AS\/\/+nyQAAAgQFtA=="} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1032,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":3,"flow_src_last_pkt_time":90872792,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90872792,"pkt":"UlQAEjUCCAAn5uVZCABFAAAogopAAIAGq44KAAIPwSX\/gsSE8LC\/3xvHALiSAlAQ+vDElQAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1033,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":4,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90873004,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAgotAAIAGqTUKAAIPwSX\/gsSE8LC\/3xvHALiSAlAY+vAifAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxOTMuMzcuMjU1LjEzMA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1033,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745170,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90873004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1034,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":5,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90873103,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90873103,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA6kAAEAGqnDBJf+CCgACD\/CwxIQAuJICv98eH1AQ\/\/+9LgAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1031,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":2,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90872628,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90872628,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA6gAAEAGqm3BJf+CCgACD\/CwxIQAuJIBv98bx2AS\/\/+nyQAAAgQFtA=="} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1032,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":3,"flow_src_last_pkt_time":90872792,"flow_dst_last_pkt_time":90872628,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90872792,"pkt":"UlQAEjUCCAAn5uVZCABFAAAogopAAIAGq44KAAIPwSX\/gsSE8LC\/3xvHALiSAlAQ+vDElQAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1033,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":4,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90872628,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":90873004,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAgotAAIAGqTUKAAIPwSX\/gsSE8LC\/3xvHALiSAlAY+vAifAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxOTMuMzcuMjU1LjEzMA0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1033,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745170,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90872628,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90873004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1034,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":5,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90873103,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90873103,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA6kAAEAGqnDBJf+CCgACD\/CwxIQAuJICv98eH1AQ\/\/+9LgAA"} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1036,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90880863,"flow_src_last_pkt_time":90880863,"flow_dst_last_pkt_time":90880863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90880863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1036,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":1,"flow_src_last_pkt_time":90880863,"flow_dst_last_pkt_time":90880863,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90880863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4YpYAAIARjBkKAAIPwSB+1nAJ6MwAJJ5bn1UxAqnqa\/T\/ZYYW3VylAwABAAUAAADDglFLQA=="} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1037,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":2,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90882629,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA6sAAEAGxg9gQUTCCgACD4qZxIkAuYwBsqFtYmAS\/\/\/rIgAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1038,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":3,"flow_src_last_pkt_time":90882849,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90882849,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoBGJAAIAGRVwKAAIPYEFEwsSJipmyoW1iALmMAlAQ+vAH7wAA"} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":4,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":90883036,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+BGNAAIAGQwUKAAIPYEFEwsSJipmyoW1iALmMAlAY+vCU+QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA5Ni42NS42OC4xOTQNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746142,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90883036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1040,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":5,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90883166,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90883166,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA6wAAEAGxhJgQUTCCgACD4qZxIkAuYwCsqFvuFAQ\/\/8AigAA"} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1041,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":2,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90885640,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA60AAEAGpYEtH5hwCgACD2jjxIsAuoYB181ecmAS\/\/\/cDQAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1042,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":3,"flow_src_last_pkt_time":90885826,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90885826,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoe4VAAIAGrawKAAIPLR+YcMSLaOPXzV5yALqGAlAQ+vD42QAA"} -01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":4,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90885995,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/e4ZAAIAGq1QKAAIPLR+YcMSLaOPXzV5yALqGAlAY+vBs6QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0NS4zMS4xNTIuMTEyDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746458,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90885995,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1044,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":5,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90886128,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90886128,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA64AAEAGpYQtH5hwCgACD2jjxIsAuoYC181gyVAQ\/\/\/xcwAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1037,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":2,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90882629,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90882629,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA6sAAEAGxg9gQUTCCgACD4qZxIkAuYwBsqFtYmAS\/\/\/rIgAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1038,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":3,"flow_src_last_pkt_time":90882849,"flow_dst_last_pkt_time":90882629,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90882849,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoBGJAAIAGRVwKAAIPYEFEwsSJipmyoW1iALmMAlAQ+vAH7wAA"} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":4,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90882629,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":652,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":652,"pkt_l4_len":618,"thread_ts_usec":90883036,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ+BGNAAIAGQwUKAAIPYEFEwsSJipmyoW1iALmMAlAY+vCU+QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA5Ni42NS42OC4xOTQNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1039,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746142,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90882629,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90883036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1040,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":5,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90883166,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90883166,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA6wAAEAGxhJgQUTCCgACD4qZxIkAuYwCsqFvuFAQ\/\/8AigAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1041,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":2,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90885640,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90885640,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA60AAEAGpYEtH5hwCgACD2jjxIsAuoYB181ecmAS\/\/\/cDQAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1042,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":3,"flow_src_last_pkt_time":90885826,"flow_dst_last_pkt_time":90885640,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90885826,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoe4VAAIAGrawKAAIPLR+YcMSLaOPXzV5yALqGAlAQ+vD42QAA"} +01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":4,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90885640,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90885995,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/e4ZAAIAGq1QKAAIPLR+YcMSLaOPXzV5yALqGAlAY+vBs6QAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA0NS4zMS4xNTIuMTEyDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1043,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746458,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90885640,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90885995,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1044,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":5,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90886128,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90886128,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA64AAEAGpYQtH5hwCgACD2jjxIsAuoYC181gyVAQ\/\/\/xcwAA"} 00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1046,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":2,"flow_src_last_pkt_time":90864578,"flow_dst_last_pkt_time":90892029,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":149,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":149,"pkt_l4_len":115,"thread_ts_usec":90892029,"pkt":"CAAn5uVZUlQAEjUCCABFAACHA68AAEARZkC5u0qtCgACD9DxcAkAc8xj\/3wxAm1gREr\/fw\/7dxmzAwEBAFQAAADx0Lm7Sq0AAAAACAAAAMMCVkNFR1RLR1cDR1VFQQICVVBDAgEJAkRVQ4BRAQE2UCoBbuAAAQAAAAAAAP\/\/C64DVExTQANESFRDAAABglFLRB3BTv4="} 00638{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1047,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":2,"flow_src_last_pkt_time":90871417,"flow_dst_last_pkt_time":90892088,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":149,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":149,"pkt_l4_len":115,"thread_ts_usec":90892088,"pkt":"CAAn5uVZUlQAEjUCCABFAACHA7AAAEARNxaOhKUNCgACD3dmcAkAc2nw5\/IxAvsVo43\/HfOSkBgzAwEBAFQAAABmd46EpQ0AAAAACAAAAMMCVkNFR1RLR2IDR1VFQQICVVBDAv8HAkRVQ4BRAQE2UCoBBPgcHBMlAAAAAAAAAAEDVExTQANESFRDAAABglFLRFrK9p0="} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1048,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":2,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90896426,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA7EAAEAGGR5LQAavCgACDxKHxH4Au4ABJ3TJMGAS\/\/\/xsQAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1049,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":3,"flow_src_last_pkt_time":90896784,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90896784,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo3P5AAIAGv9MKAAIPS0AGr8R+EocndMkwALuAAlAQ+vAOfgAA"} -01305{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1050,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":4,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":651,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":651,"pkt_l4_len":617,"thread_ts_usec":90897166,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ93P9AAIAGvX0KAAIPS0AGr8R+EocndMkwALuAAlAY+vCuswAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA3NS42NC42LjE3NQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1050,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90897166,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1051,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":5,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90897391,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90897391,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA7IAAEAGGSFLQAavCgACDxKHxH4Au4ACJ3TLhVAQ\/\/8HGgAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1052,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":2,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90899496,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA7MAAEAGUiNhU7eUCgACDyK6xHUAvHoBhjAS2WAS\/\/94KQAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1053,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":3,"flow_src_last_pkt_time":90899766,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90899766,"pkt":"UlQAEjUCCAAn5uVZCABFAAAos+9AAIAGIeoKAAIPYVO3lMR1IrqGMBLZALx6AlAQ+vCU9QAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1058,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":4,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90905082,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/s\/BAAIAGH5IKAAIPYVO3lMR1IrqGMBLZALx6AlAY+vD79gAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA5Ny44My4xODMuMTQ4DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1058,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90905082,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1059,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":5,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90905197,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90905197,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA7YAAEAGUiRhU7eUCgACDyK6xHUAvHoChjAVMFAQ\/\/+NjwAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1048,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":2,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90896426,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90896426,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA7EAAEAGGR5LQAavCgACDxKHxH4Au4ABJ3TJMGAS\/\/\/xsQAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1049,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":3,"flow_src_last_pkt_time":90896784,"flow_dst_last_pkt_time":90896426,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90896784,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo3P5AAIAGv9MKAAIPS0AGr8R+EocndMkwALuAAlAQ+vAOfgAA"} +01305{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1050,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":4,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90896426,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":651,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":651,"pkt_l4_len":617,"thread_ts_usec":90897166,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ93P9AAIAGvX0KAAIPS0AGr8R+EocndMkwALuAAlAY+vCuswAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA3NS42NC42LjE3NQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1050,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90896426,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90897166,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1051,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":5,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90897391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90897391,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA7IAAEAGGSFLQAavCgACDxKHxH4Au4ACJ3TLhVAQ\/\/8HGgAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1052,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":2,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90899496,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90899496,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA7MAAEAGUiNhU7eUCgACDyK6xHUAvHoBhjAS2WAS\/\/94KQAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1053,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":3,"flow_src_last_pkt_time":90899766,"flow_dst_last_pkt_time":90899496,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90899766,"pkt":"UlQAEjUCCAAn5uVZCABFAAAos+9AAIAGIeoKAAIPYVO3lMR1IrqGMBLZALx6AlAQ+vCU9QAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1058,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":4,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90899496,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":90905082,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/s\/BAAIAGH5IKAAIPYVO3lMR1IrqGMBLZALx6AlAY+vD79gAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA5Ny44My4xODMuMTQ4DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1058,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90899496,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90905082,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1059,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":5,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90905197,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90905197,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA7YAAEAGUiRhU7eUCgACDyK6xHUAvHoChjAVMFAQ\/\/+NjwAA"} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1062,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":2,"flow_src_last_pkt_time":90880863,"flow_dst_last_pkt_time":90907947,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":130,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":130,"pkt_l4_len":96,"thread_ts_usec":90907947,"pkt":"CAAn5uVZUlQAEjUCCABFAAB0A7gAAEARKrzBIH7WCgACD+jMcAkAYGMhn1UxAqnqa\/T\/ZYYW3VylAwEBAEEAAADM6MEgftYIAAAAAAACAMMCVkNFR1RLR2IDR1VFQQICVVBDAgEFAkRVQ4BRAQNUTFNAA0RIVEMAAAGCUUtEmpBNrg=="} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1088,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":2,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91051889,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8YAAEAGMiyVHKOvCgACD8MkxIcAvm4BvtmXiWAS\/\/8GbQAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1089,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":3,"flow_src_last_pkt_time":91052332,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91052332,"pkt":"UlQAEjUCCAAn5uVZCABFAAAozKZAAIAG6U4KAAIPlRyjr8SHwyS+2ZeJAL5uAlAQ+vAjOQAA"} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1090,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":2,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91057463,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8cAAEAG2CXL3Mb0CgACDwSqxHsAv2gBodiVp2AS\/\/+P0AAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1091,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":3,"flow_src_last_pkt_time":91057889,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91057889,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoTH9AAIAGD3EKAAIPy9zG9MR7BKqh2JWnAL9oAlAQ+vCsnAAA"} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1092,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":2,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91058020,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8gAAEAG\/LTc7pFSCgACD4L3xIIAwGIBECov1GAS\/\/8zjQAAAgQFtA=="} -01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1093,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":4,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91058268,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAzKdAAIAG5vUKAAIPlRyjr8SHwyS+2ZeJAL5uAlAY+vCDFQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNDkuMjguMTYzLjE3NQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1093,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745788,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058268,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":3,"flow_src_last_pkt_time":91058398,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058398,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouGtAAIAGyBQKAAIP3O6RUsSCgvcQKi\/UAMBiAlAQ+vBQWQAA"} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1095,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":5,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91058451,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058451,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA8kAAEAGMi2VHKOvCgACD8MkxIcAvm4CvtmZ4VAQ\/\/8b0gAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":4,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91058830,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAuGxAAIAGxbsKAAIP3O6RUsSCgvcQKi\/UAMBiAlAY+vC\/MAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMjAuMjM4LjE0NS44Mg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1097,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":5,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058997,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058997,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA8oAAEAG\/Lbc7pFSCgACD4L3xIIAwGICECoyLFAQ\/\/9I8gAA"} -01313{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1098,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":4,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":91059034,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBTIBAAIAGDRcKAAIPy9zG9MR7BKqh2JWnAL9oAlAY+vDxbAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMDMuMjIwLjE5OC4yNDQNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1098,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742427,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91059034,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1099,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":5,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91059179,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91059179,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA8sAAEAG2CXL3Mb0CgACDwSqxHsAv2gCodiYAFAQ\/\/+lNAAA"} -00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1100,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":2,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91062021,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8wAAEAG\/T488TDCCgACD1M1xIUAwVwBVNBhD2AS\/\/\/z9wAAAgQFtA=="} -00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1101,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":3,"flow_src_last_pkt_time":91062316,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91062316,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxU5AAIAGu78KAAIPPPEwwsSFUzVU0GEPAMFcAlAQ+vAQxAAA"} -01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1102,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":4,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":91062572,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/xU9AAIAGuWcKAAIPPPEwwsSFUzVU0GEPAMFcAlAY+vCAyQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA2MC4yNDEuNDguMTk0DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} -01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1102,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745391,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91062572,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1103,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":5,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062784,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91062784,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA80AAEAG\/UE88TDCCgACD1M1xIUAwVwCVNBjZlAQ\/\/8JXgAA"} -00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1104,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":2,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91074721,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA84AAEAGXEIOyP\/lCgACD5DCxHYAwlYBrXv\/HGAS\/\/8kxQAAAgQFtA=="} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1105,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":3,"flow_src_last_pkt_time":91074947,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91074947,"pkt":"UlQAEjUCCAAn5uVZCABFAAAotiFAAIAGKfIKAAIPDsj\/5cR2kMKte\/8cAMJWAlAQ+vBBkQAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1106,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":4,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91075404,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAtiJAAIAGJ5kKAAIPDsj\/5cR2kMKte\/8cAMJWAlAY+vCdgAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNC4yMDAuMjU1LjIyOQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1106,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91075404,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1107,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":5,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91075558,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91075558,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA88AAEAGXEUOyP\/lCgACD5DCxHYAwlYCrXwBdFAQ\/\/86KgAA"} -00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1108,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":2,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91076000,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA9AAAEAGXEAOyP\/lCgACD7KOxHkAw1ABv2bicWAS\/\/8TtQAAAgQFtA=="} -00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1110,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":3,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91076000,"pkt":"UlQAEjUCCAAn5uVZCABFAAAotiNAAIAGKfAKAAIPDsj\/5cR5so6\/ZuJxAMNQAlAQ+vAwgQAA"} -01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1111,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":4,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91076000,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAtiRAAIAGJ5cKAAIPDsj\/5cR5so6\/ZuJxAMNQAlAY+vCMcAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNC4yMDAuMjU1LjIyOQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} -01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1111,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741572,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91076000,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1112,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":5,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91076000,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA9IAAEAGXEIOyP\/lCgACD7KOxHkAw1ACv2bkyVAQ\/\/8pGgAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1088,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":2,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":91051889,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91051889,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8YAAEAGMiyVHKOvCgACD8MkxIcAvm4BvtmXiWAS\/\/8GbQAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1089,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":3,"flow_src_last_pkt_time":91052332,"flow_dst_last_pkt_time":91051889,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91052332,"pkt":"UlQAEjUCCAAn5uVZCABFAAAozKZAAIAG6U4KAAIPlRyjr8SHwyS+2ZeJAL5uAlAQ+vAjOQAA"} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1090,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":2,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":91057463,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91057463,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8cAAEAG2CXL3Mb0CgACDwSqxHsAv2gBodiVp2AS\/\/+P0AAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1091,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":3,"flow_src_last_pkt_time":91057889,"flow_dst_last_pkt_time":91057463,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91057889,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoTH9AAIAGD3EKAAIPy9zG9MR7BKqh2JWnAL9oAlAQ+vCsnAAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1092,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":2,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":91058020,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91058020,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8gAAEAG\/LTc7pFSCgACD4L3xIIAwGIBECov1GAS\/\/8zjQAAAgQFtA=="} +01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1093,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":4,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91051889,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91058268,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAzKdAAIAG5vUKAAIPlRyjr8SHwyS+2ZeJAL5uAlAY+vCDFQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNDkuMjguMTYzLjE3NQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1093,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745788,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91051889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058268,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":3,"flow_src_last_pkt_time":91058398,"flow_dst_last_pkt_time":91058020,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058398,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouGtAAIAGyBQKAAIP3O6RUsSCgvcQKi\/UAMBiAlAQ+vBQWQAA"} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1095,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":5,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91058451,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058451,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA8kAAEAGMi2VHKOvCgACD8MkxIcAvm4CvtmZ4VAQ\/\/8b0gAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":4,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058020,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91058830,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAuGxAAIAGxbsKAAIP3O6RUsSCgvcQKi\/UAMBiAlAY+vC\/MAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMjAuMjM4LjE0NS44Mg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058020,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1097,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":5,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058997,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058997,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA8oAAEAG\/Lbc7pFSCgACD4L3xIIAwGICECoyLFAQ\/\/9I8gAA"} +01313{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1098,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":4,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91057463,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":655,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":655,"pkt_l4_len":621,"thread_ts_usec":91059034,"pkt":"UlQAEjUCCAAn5uVZCABFAAKBTIBAAIAGDRcKAAIPy9zG9MR7BKqh2JWnAL9oAlAY+vDxbAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAyMDMuMjIwLjE5OC4yNDQNClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpQb25nLUNhY2hpbmc6IDAuMQ0KQnllLVBhY2tldDogMC4xDQpHR0VQOiAwLjUNCkdVSUQ6IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhDQpWZW5kb3ItTWVzc2FnZTogMC4yDQpYLVF1ZXJ5LVJvdXRpbmc6IDAuMg0KWC1SZXF1ZXJpZXM6IEZhbHNlDQpVcGdyYWRlOiBUTFMvMS4wDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1VbHRyYXBlZXI6IEZhbHNlDQpYLUR5bmFtaWMtUXVlcnlpbmc6IDAuMQ0KWC1VbHRyYXBlZXItUXVlcnktUm91dGluZzogMC4xDQpYLURlZ3JlZTogMzINClgtTWF4LVRUTDogNA0KWC1HdWVzczogMC4yDQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBzZmxhZy8wLjEsIEhTRVAvMC4yDQoNCg=="} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1098,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742427,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91057463,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91059034,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1099,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":5,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91059179,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91059179,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA8sAAEAG2CXL3Mb0CgACDwSqxHsAv2gCodiYAFAQ\/\/+lNAAA"} +00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1100,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":2,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":91062021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91062021,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8wAAEAG\/T488TDCCgACD1M1xIUAwVwBVNBhD2AS\/\/\/z9wAAAgQFtA=="} +00506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1101,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":3,"flow_src_last_pkt_time":91062316,"flow_dst_last_pkt_time":91062021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91062316,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxU5AAIAGu78KAAIPPPEwwsSFUzVU0GEPAMFcAlAQ+vAQxAAA"} +01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1102,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":4,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":653,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":653,"pkt_l4_len":619,"thread_ts_usec":91062572,"pkt":"UlQAEjUCCAAn5uVZCABFAAJ\/xU9AAIAGuWcKAAIPPPEwwsSFUzVU0GEPAMFcAlAY+vCAyQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiA2MC4yNDEuNDguMTk0DQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KUG9uZy1DYWNoaW5nOiAwLjENCkJ5ZS1QYWNrZXQ6IDAuMQ0KR0dFUDogMC41DQpHVUlEOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YQ0KVmVuZG9yLU1lc3NhZ2U6IDAuMg0KWC1RdWVyeS1Sb3V0aW5nOiAwLjINClgtUmVxdWVyaWVzOiBGYWxzZQ0KVXBncmFkZTogVExTLzEuMA0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLVRva2VuOiBZaVVKNU9Nd1RvM2pGRlFML21xQjkxQ3d1L2RhbU1FbDVkaEc7IE9jV21jdz09DQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtVWx0cmFwZWVyOiBGYWxzZQ0KWC1EeW5hbWljLVF1ZXJ5aW5nOiAwLjENClgtVWx0cmFwZWVyLVF1ZXJ5LVJvdXRpbmc6IDAuMQ0KWC1EZWdyZWU6IDMyDQpYLU1heC1UVEw6IDQNClgtR3Vlc3M6IDAuMg0KWC1GZWF0dXJlczogdGxzLzEuMCwgc2ZsYWcvMC4xLCBIU0VQLzAuMg0KDQo="} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1102,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745391,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062021,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91062572,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1103,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":5,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062784,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91062784,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA80AAEAG\/UE88TDCCgACD1M1xIUAwVwCVNBjZlAQ\/\/8JXgAA"} +00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1104,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":2,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":91074721,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91074721,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA84AAEAGXEIOyP\/lCgACD5DCxHYAwlYBrXv\/HGAS\/\/8kxQAAAgQFtA=="} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1105,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":3,"flow_src_last_pkt_time":91074947,"flow_dst_last_pkt_time":91074721,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91074947,"pkt":"UlQAEjUCCAAn5uVZCABFAAAotiFAAIAGKfIKAAIPDsj\/5cR2kMKte\/8cAMJWAlAQ+vBBkQAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1106,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":4,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91074721,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91075404,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAtiJAAIAGJ5kKAAIPDsj\/5cR2kMKte\/8cAMJWAlAY+vCdgAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNC4yMDAuMjU1LjIyOQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1106,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91074721,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91075404,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1107,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":5,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91075558,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91075558,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA88AAEAGXEUOyP\/lCgACD5DCxHYAwlYCrXwBdFAQ\/\/86KgAA"} +00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1108,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":2,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":91076000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91076000,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA9AAAEAGXEAOyP\/lCgACD7KOxHkAw1ABv2bicWAS\/\/8TtQAAAgQFtA=="} +00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1110,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":3,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91076000,"pkt":"UlQAEjUCCAAn5uVZCABFAAAotiNAAIAGKfAKAAIPDsj\/5cR5so6\/ZuJxAMNQAlAQ+vAwgQAA"} +01311{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1111,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":4,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":654,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":654,"pkt_l4_len":620,"thread_ts_usec":91076000,"pkt":"UlQAEjUCCAAn5uVZCABFAAKAtiRAAIAGJ5cKAAIPDsj\/5cR5so6\/ZuJxAMNQAlAY+vCMcAAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCk5vZGU6IDkzLjQ3LjIyNi41MzoyODY4MQ0KUmVtb3RlLUlQOiAxNC4yMDAuMjU1LjIyOQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNClBvbmctQ2FjaGluZzogMC4xDQpCeWUtUGFja2V0OiAwLjENCkdHRVA6IDAuNQ0KR1VJRDogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGENClZlbmRvci1NZXNzYWdlOiAwLjINClgtUXVlcnktUm91dGluZzogMC4yDQpYLVJlcXVlcmllczogRmFsc2UNClVwZ3JhZGU6IFRMUy8xLjANCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KWC1MaXZlLVNpbmNlOiBTdW4sIDA2IE1hciAyMDIyIDExOjIyOjEwIC0wODAwDQpYLVVsdHJhcGVlcjogRmFsc2UNClgtRHluYW1pYy1RdWVyeWluZzogMC4xDQpYLVVsdHJhcGVlci1RdWVyeS1Sb3V0aW5nOiAwLjENClgtRGVncmVlOiAzMg0KWC1NYXgtVFRMOiA0DQpYLUd1ZXNzOiAwLjINClgtRmVhdHVyZXM6IHRscy8xLjAsIHNmbGFnLzAuMSwgSFNFUC8wLjINCg0K"} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1111,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741572,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91076000,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1112,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":5,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91076000,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoA9IAAEAGXEIOyP\/lCgACD7KOxHkAw1ACv2bkyVAQ\/\/8pGgAA"} 00940{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00936{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00936{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00950{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00950{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1185,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":2,"flow_src_last_pkt_time":91716946,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":91716946,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYNAAIAGx74KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1186,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":2,"flow_src_last_pkt_time":91717037,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":91717037,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNNAAIAG5KUKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1197,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":2,"flow_src_last_pkt_time":92750229,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":92750229,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYJAAIAGGXYKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1199,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":2,"flow_src_last_pkt_time":92750389,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":92750389,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AqVAAIAGaH0KAAIPTHc3HMRwT3sv+xA+AAAAAIAC+vCQWAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1203,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":3,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93622465,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KplAAIAGI1wKAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":3,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93622611,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5RAAIAGmKYKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1185,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":2,"flow_src_last_pkt_time":91716946,"flow_dst_last_pkt_time":88706114,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":91716946,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYNAAIAGx74KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1186,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":2,"flow_src_last_pkt_time":91717037,"flow_dst_last_pkt_time":88705517,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":91717037,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNNAAIAG5KUKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1197,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":2,"flow_src_last_pkt_time":92750229,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":92750229,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYJAAIAGGXYKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1199,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":2,"flow_src_last_pkt_time":92750389,"flow_dst_last_pkt_time":89732915,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":92750389,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AqVAAIAGaH0KAAIPTHc3HMRwT3sv+xA+AAAAAIAC+vCQWAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1203,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":3,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93622465,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KplAAIAGI1wKAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":3,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93622611,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5RAAIAGmKYKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93713981,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_packet_id":1,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93713981,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Ab0AAIARJSYKAAIPWKivH3AJGMoAIAKXR05EED7+AQFUC1FLUlAGUk5BXS\/iNQlw"} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93714209,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_packet_id":1,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93714209,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J3cAAIARnXIKAAIPKfk\/yHAJWDYAIGEwR05EED7\/AQFUC1FLUlAGUk5BXS\/iNQlw"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":2,"flow_src_last_pkt_time":93763238,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763238,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYxAAIAGqNsKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1209,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":2,"flow_src_last_pkt_time":93763366,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763366,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AsBAAIAGpi8KAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1210,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":2,"flow_src_last_pkt_time":93763394,"flow_dst_last_pkt_time":90738015,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763394,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rs1AAIAGRA4KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1212,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":2,"flow_src_last_pkt_time":93763440,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763440,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MiVAAIAGHAgKAAIPXjZCUsSB+JU5M3UyAAAAAIAC+vBcCwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1213,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":2,"flow_src_last_pkt_time":93763475,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763475,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg5AAIAGKkUKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1214,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":2,"flow_src_last_pkt_time":93763504,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763504,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4JAAIAGzRMKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} -00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1215,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":3,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638173,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AtlAAIAGwDcKAAIPGLMS8sRhuOFovA6\/AAAAAIAC+vBHrQAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1216,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":3,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638352,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UClAAIAGv8gKAAIPenVkTsRjIzKhF7fWAAAAAIAC+vBIyQAAAgQFtAEDAwgBAQQC"} -00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1217,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":3,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638412,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07j5AAIAGRpoKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1218,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":3,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638448,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03z1AAIAGuFYKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":2,"flow_src_last_pkt_time":93763238,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763238,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYxAAIAGqNsKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1209,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":2,"flow_src_last_pkt_time":93763366,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763366,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AsBAAIAGpi8KAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1210,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":2,"flow_src_last_pkt_time":93763394,"flow_dst_last_pkt_time":90738015,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763394,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rs1AAIAGRA4KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1212,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":2,"flow_src_last_pkt_time":93763440,"flow_dst_last_pkt_time":90744632,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763440,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MiVAAIAGHAgKAAIPXjZCUsSB+JU5M3UyAAAAAIAC+vBcCwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1213,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":2,"flow_src_last_pkt_time":93763475,"flow_dst_last_pkt_time":90737440,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763475,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg5AAIAGKkUKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1214,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":2,"flow_src_last_pkt_time":93763504,"flow_dst_last_pkt_time":90745561,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763504,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4JAAIAGzRMKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} +00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1215,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_packet_id":3,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638173,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AtlAAIAGwDcKAAIPGLMS8sRhuOFovA6\/AAAAAIAC+vBHrQAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1216,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_packet_id":3,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638352,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UClAAIAGv8gKAAIPenVkTsRjIzKhF7fWAAAAAIAC+vBIyQAAAgQFtAEDAwgBAQQC"} +00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1217,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":3,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638412,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07j5AAIAGRpoKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1218,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":3,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638448,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03z1AAIAGuFYKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1219,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":5,"flow_src_last_pkt_time":94669588,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":94669588,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8cdQAAIARC+wKAAIPS4VlXXAJzI8AKL1nYiUKBAAGD9YAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1222,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1222,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_packet_id":1,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95216801,"pkt":"UlQAEjUCCAAn5uVZCABFAABtOX8AAIAR2+8KAAIPSMnQOXAJltkAWSBpTGIxAqnQz8i8hdkTM6c6p0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} @@ -1221,10 +1221,10 @@ 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":1,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95443212,"pkt":"UlQAEjUCCAAn5uVZCABFAABtP0UAAIARMnUKAAIPdvBFx3AJGMwAWTV1zcQxAjBRcglTz+ngOj6nIkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1229,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":4,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":95489541,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4BAcAAP8Bnu0KAAICCgACDwMBvHoAAAAARQAANFApQAB\/BsDICgACD3p1ZE7EYyMyoRe31g=="} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":3,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653781,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sx9AAIAG7QUKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":3,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653938,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vENAAIAGZKwKAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1232,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":3,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653973,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CVAAIAGre0KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1233,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":3,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653991,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EcNAAIAG330KAAIPYPacfsRk2wZPr5++AAAAAIAC+vDbwgAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":3,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653781,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sx9AAIAG7QUKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":3,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653938,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vENAAIAGZKwKAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1232,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":3,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653973,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CVAAIAGre0KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1233,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_packet_id":3,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653991,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0EcNAAIAG330KAAIPYPacfsRk2wZPr5++AAAAAIAC+vDbwgAAAgQFtAEDAwgBAQQC"} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1234,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":2,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95672869,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95672869,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAgAAEARqyx28EXHCgACDxjMcAkC320uzcQxAjBRcglTz+ngOj6nIkQAAMACAAAGR1RLRwAAZ\/Bj20DGHUBcXRlTYQ4h+oNDTy0EdvBFxxjMAQAAAARQf99GFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1235,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":3,"flow_src_last_pkt_time":95685130,"flow_dst_last_pkt_time":95672869,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95685130,"pkt":"UlQAEjUCCAAn5uVZCABFAABtP0YAAIARMnQKAAIPdvBFx3AJGMwAWcAoRrQxAjeibVUOEjw\/2AtAPUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1236,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":5,"flow_src_last_pkt_time":95685184,"flow_dst_last_pkt_time":95442276,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95685184,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYpwAAIARi94KAAIPwSB+1nAJ6MwAWYyPBgYxAmW0Q47j9d2lOs+C60QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} @@ -1295,27 +1295,27 @@ 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1273,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":3,"flow_src_last_pkt_time":96404307,"flow_dst_last_pkt_time":90857929,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":96404307,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8c1IAAIARylsKAAIPvD00t3AJLkwAKChuYiUKBgACAwMAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":5,"flow_src_last_pkt_time":96404444,"flow_dst_last_pkt_time":95783404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":96404444,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8BlgAAIAREmIKAAIPaO6s+nAJW\/wAKNXJYiUKBgACAwMAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1276,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":4,"flow_src_last_pkt_time":96404307,"flow_dst_last_pkt_time":96577312,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":96577312,"pkt":"CAAn5uVZUlQAEjUCCABFAABEBBkAAEAReY28PTS3CgACDy5McAkAMAYQYiUKBgACAwNiJQoGAAYk8TEBABEAAABHVEtHCgABAABiJQoGAAYk8Q=="} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1277,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":3,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685056,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068VAAIAGCcsKAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":3,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685203,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMxAAIAG1hsKAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":3,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685413,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aotAAIAGZIwKAAIP3XxCIcRqMwT80GtdAAAAAIAC+vDo1QAAAgQFtAEDAwgBAQQC"} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":5,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":97186204,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186204,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBBoAAEAG3UVZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} -00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":5,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":97186330,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186330,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBBsAAEAG5kktQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":5,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":97186376,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186376,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBBwAAEAG95bPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} -00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":5,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":97186397,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186397,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBB0AAEAG2oFQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":3,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":97732099,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYRAAIAGx70KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1285,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":3,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":97732221,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNRAAIAG5KQKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1287,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":3,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":98763140,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYNAAIAGGXUKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":3,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":98763268,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AqZAAIAGaHwKAAIPTHc3HMRwT3sv+xA+AAAAAIAC+vCQWAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1293,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":3,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778232,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GY1AAIAGqNoKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1294,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":3,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778360,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AsFAAIAGpi4KAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1295,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":3,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778400,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MidAAIAGHAYKAAIPXjZCUsSB+JU5M3UyAAAAAIAC+vBcCwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1296,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":3,"flow_src_last_pkt_time":99778426,"flow_dst_last_pkt_time":90738015,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778426,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rs5AAIAGRA0KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1297,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":3,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778446,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4NAAIAGzRIKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} -00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1298,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":3,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778471,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg9AAIAGKkQKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} -02325{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1317,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":19,"flow_first_seen":88704875,"flow_src_last_pkt_time":100541304,"flow_dst_last_pkt_time":100658601,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1036,"flow_dst_tot_l4_payload_len":10762,"midstream":0,"thread_ts_usec":100658601,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":68,"avg":767424.4,"max":8796467,"stddev":2113226.8,"var":4465727373312.0,"ent":2.6,"data": [111774,112031,223,580,122233,123811,1735,510239,510348,125373,7027,133055,508500,509079,643423,701863,8737919,8796467,643884,78,644721,118605,2969,121592,121581,84,121516,120907,68,120959,117511]},"pktlen": {"min":40,"avg":409.2,"max":1500,"stddev":491.7,"var":241767.6,"ent":4.1,"data": [52,44,40,639,40,652,90,40,353,40,182,423,40,68,40,449,40,86,40,1500,1052,40,640,1488,40,1500,628,40,1500,628,40,640]},"bins": {"c_to_s": [9,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [6,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,4,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0,1],"entropies": [4.585552692,4.823068142,4.680641651,5.822128773,4.621928692,5.725380421,5.587119579,4.671928883,7.096185207,4.621928692,6.667861462,7.368043423,4.680641651,5.340273857,4.621928692,7.401152134,4.780641556,5.582901478,4.621928692,7.849462032,7.784356117,4.730641365,7.643722534,7.861162663,4.730641365,7.864004135,7.644542217,4.680641174,7.856564045,7.631118298,4.680641174,7.673601151]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1277,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":3,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685056,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068VAAIAGCcsKAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":3,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685203,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMxAAIAG1hsKAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_packet_id":3,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685413,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aotAAIAGZIwKAAIP3XxCIcRqMwT80GtdAAAAAIAC+vDo1QAAAgQFtAEDAwgBAQQC"} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":5,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":97186204,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186204,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBBoAAEAG3UVZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} +00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":5,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":97186330,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186330,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBBsAAEAG5kktQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":5,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":97186376,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186376,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBBwAAEAG95bPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} +00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":5,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":97186397,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":97186397,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBB0AAEAG2oFQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":3,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":97732099,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYRAAIAGx70KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1285,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":3,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":97732221,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNRAAIAG5KQKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1287,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":3,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":98763140,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYNAAIAGGXUKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_packet_id":3,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":98763268,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AqZAAIAGaHwKAAIPTHc3HMRwT3sv+xA+AAAAAIAC+vCQWAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1293,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":3,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778232,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GY1AAIAGqNoKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1294,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":3,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778360,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AsFAAIAGpi4KAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1295,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_packet_id":3,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778400,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MidAAIAGHAYKAAIPXjZCUsSB+JU5M3UyAAAAAIAC+vBcCwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1296,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":3,"flow_src_last_pkt_time":99778426,"flow_dst_last_pkt_time":90738015,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778426,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rs5AAIAGRA0KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1297,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":3,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778446,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4NAAIAGzRIKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} +00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1298,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":3,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778471,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg9AAIAGKkQKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} +02325{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1317,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":19,"flow_first_seen":88704875,"flow_src_last_pkt_time":100541304,"flow_dst_last_pkt_time":100658601,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1036,"flow_dst_tot_l4_payload_len":10762,"midstream":0,"thread_ts_usec":100658601,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":68,"avg":767424.4,"max":8796467,"stddev":2113226.8,"var":4465727373312.0,"ent":2.6,"data": [111774,112031,223,580,122233,123811,1735,510239,510348,125373,7027,133055,508500,509079,643423,701863,8737919,8796467,643884,78,644721,118605,2969,121592,121581,84,121516,120907,68,120959,117511]},"pktlen": {"min":40,"avg":409.2,"max":1500,"stddev":491.7,"var":241767.6,"ent":4.1,"data": [52,44,40,639,40,652,90,40,353,40,182,423,40,68,40,449,40,86,40,1500,1052,40,640,1488,40,1500,628,40,1500,628,40,640]},"bins": {"c_to_s": [9,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [6,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,4,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0,1],"entropies": [4.585552692,4.823068142,4.680641651,5.822128773,4.621928692,5.725380421,5.587119579,4.671928883,7.096185207,4.621928692,6.667861462,7.368043423,4.680641651,5.340273857,4.621928692,7.401152134,4.780641556,5.582901478,4.621928692,7.849462032,7.784356117,4.730641365,7.643722534,7.861162663,4.730641365,7.864004135,7.644542217,4.680641174,7.856564045,7.631118298,4.680641174,7.673601151]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01473{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1320,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":2,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":100920359,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":100920359,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBEAAAEARxyNeNkJSCgACD\/iVcAkC34d4LkYxAuq77b+oti7DkMaMrEQAAMACAAAGR1RLRwAA+wNHJRwgXbAuWugSpAUSxJsCHL8EXjZCUviVAQAAAAR+IhyrFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} -02320{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1333,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":88704150,"flow_src_last_pkt_time":101062565,"flow_dst_last_pkt_time":101062734,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1062,"flow_dst_tot_l4_payload_len":6684,"midstream":0,"thread_ts_usec":101062734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1,"avg":797322.6,"max":8218469,"stddev":1970792.9,"var":3884024594432.0,"ent":2.9,"data": [128313,128710,372,938,178629,178799,1,501219,501471,98390,140683,469376,511641,1190983,1233531,8175797,8218469,772334,828075,95677,89547,96875,110099,405396,409608,95445,89124,2830,63380,645,642]},"pktlen": {"min":40,"avg":282.6,"max":1064,"stddev":381.8,"var":145784.6,"ent":3.9,"data": [52,44,40,640,40,668,90,40,353,40,574,40,68,40,442,40,86,40,1064,40,1064,40,1064,40,1064,40,1064,40,55,40,50,40]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,1,0,0,1,0,1],"entropies": [4.662476063,4.732159138,4.630641460,5.806861401,4.521928787,5.724582195,5.627513409,4.621928692,7.193869114,4.621928692,7.467946053,4.730641842,5.399097443,4.571928978,7.330091953,4.730641365,5.719189644,4.621928692,7.801183701,4.730641365,7.783223152,4.680641174,7.789729118,4.730641365,7.787688255,4.730641365,7.814134598,4.680641651,4.944017887,4.621928692,4.859469414,4.621928692]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -02282{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90745963,"flow_src_last_pkt_time":101065402,"flow_dst_last_pkt_time":101065057,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1115,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":101065402,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":346,"avg":665759.1,"max":8692014,"stddev":2110974.0,"var":4456211546112.0,"ent":1.9,"data": [30928,31210,439,818,29157,31647,2471,501745,502012,17074,17362,35097,479690,480352,544167,592641,8643736,8692014,619,570,563,598,427,387,461,428,346,360,379,396,439]},"pktlen": {"min":40,"avg":121.8,"max":668,"stddev":170.0,"var":28912.7,"ent":4.1,"data": [52,44,40,641,40,668,90,40,353,40,182,370,40,67,40,427,40,94,40,50,40,50,40,50,40,50,40,50,40,50,40,50]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0],"entropies": [4.492582321,4.720129013,4.521928787,5.809185505,4.508695602,5.773917675,5.619303703,4.558695793,7.143177032,4.389823914,6.687948704,7.327623844,4.671928406,5.289166927,4.558695793,7.411965370,4.621928692,5.812307358,4.489823818,4.722780704,4.489823818,4.682780743,4.489823818,4.722780704,4.489823818,4.722780704,4.439823627,4.722780704,4.489823818,4.722780704,4.489823818,4.642780781]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02320{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1333,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":88704150,"flow_src_last_pkt_time":101062565,"flow_dst_last_pkt_time":101062734,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1062,"flow_dst_tot_l4_payload_len":6684,"midstream":0,"thread_ts_usec":101062734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1,"avg":797322.6,"max":8218469,"stddev":1970792.9,"var":3884024594432.0,"ent":2.9,"data": [128313,128710,372,938,178629,178799,1,501219,501471,98390,140683,469376,511641,1190983,1233531,8175797,8218469,772334,828075,95677,89547,96875,110099,405396,409608,95445,89124,2830,63380,645,642]},"pktlen": {"min":40,"avg":282.6,"max":1064,"stddev":381.8,"var":145784.6,"ent":3.9,"data": [52,44,40,640,40,668,90,40,353,40,574,40,68,40,442,40,86,40,1064,40,1064,40,1064,40,1064,40,1064,40,55,40,50,40]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,1,0,0,1,0,1],"entropies": [4.662476063,4.732159138,4.630641460,5.806861401,4.521928787,5.724582195,5.627513409,4.621928692,7.193869114,4.621928692,7.467946053,4.730641842,5.399097443,4.571928978,7.330091953,4.730641365,5.719189644,4.621928692,7.801183701,4.730641365,7.783223152,4.680641174,7.789729118,4.730641365,7.787688255,4.730641365,7.814134598,4.680641651,4.944017887,4.621928692,4.859469414,4.621928692]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02282{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90745963,"flow_src_last_pkt_time":101065402,"flow_dst_last_pkt_time":101065057,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1115,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":101065402,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":346,"avg":665759.1,"max":8692014,"stddev":2110974.0,"var":4456211546112.0,"ent":1.9,"data": [30928,31210,439,818,29157,31647,2471,501745,502012,17074,17362,35097,479690,480352,544167,592641,8643736,8692014,619,570,563,598,427,387,461,428,346,360,379,396,439]},"pktlen": {"min":40,"avg":121.8,"max":668,"stddev":170.0,"var":28912.7,"ent":4.1,"data": [52,44,40,641,40,668,90,40,353,40,182,370,40,67,40,427,40,94,40,50,40,50,40,50,40,50,40,50,40,50,40,50]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0],"entropies": [4.492582321,4.720129013,4.521928787,5.809185505,4.508695602,5.773917675,5.619303703,4.558695793,7.143177032,4.389823914,6.687948704,7.327623844,4.671928406,5.289166927,4.558695793,7.411965370,4.621928692,5.812307358,4.489823818,4.722780704,4.489823818,4.682780743,4.489823818,4.722780704,4.489823818,4.722780704,4.439823627,4.722780704,4.489823818,4.722780704,4.489823818,4.642780781]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_packet_id":1,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122346,"pkt":"UlQAEjUCCAAn5uVZCABFAABt2AwAAIARIW0KAAIPy9xpG3AJSzwAWVR20YMxAsOjfW6uj7unlpr730QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -1342,7 +1342,7 @@ 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":1,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101837355,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAsIAAIAR5ekKAAIP1eVv4HAJEwwAWTJ5PKcxAijtzcGdOPipHVZyGEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":4,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":102943717,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":102943717,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBK8AAEAGPxtJPuG1CgACD7b7xEUA2cYBqiCae2AS\/\/\/aWwAAAgQFtA=="} +00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":4,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":102943717,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":102943717,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBK8AAEAGPxtJPuG1CgACD7b7xEUA2cYBqiCae2AS\/\/\/aWwAAAgQFtA=="} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1538,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":3,"flow_src_last_pkt_time":106200868,"flow_dst_last_pkt_time":90132904,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106200868,"pkt":"UlQAEjUCCAAn5uVZCABFAABtgo8AAIAR6zkKAAIPwSX\/gnAJ8LAAWcdbqxExAsF5aprYo0LmkOznoEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1539,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":3,"flow_src_last_pkt_time":106200960,"flow_dst_last_pkt_time":90071609,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106200960,"pkt":"UlQAEjUCCAAn5uVZCABFAABt7XkAAIAREsQKAAIPUD3d9nAJd3EAWRpRkUIxAvIfqgvF6WkSbnxZFUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1576,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":4,"flow_src_last_pkt_time":106200960,"flow_dst_last_pkt_time":106233939,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":106233939,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBNAAAEAROOhQPd32CgACD3dxcAkC3wfBkUIxAvIfqgvF6WkSbnxZFUQAAMACAAAGR1RLRwAADWk0EbJTji7xq2N2EERly+h8FzIEUD3d9ndxAQAAAATOg6hoFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIanw=="} @@ -1353,10 +1353,10 @@ 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1906,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":2,"flow_src_last_pkt_time":106314874,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106314874,"pkt":"UlQAEjUCCAAn5uVZCABFAABthP0AAIARBkIKAAIPLVh12nAJGv0AWUikdrExAmyl2\/D4Flpgn2PiMkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00607{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1907,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":2,"flow_src_last_pkt_time":106314985,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106314985,"pkt":"UlQAEjUCCAAn5uVZCABFAABtv\/wAAIAR2kwKAAIPucvaXHAJ3oIAWXW3EqAxAn\/MqZ\/PxBBVRWBQQEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 01478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1908,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":4,"flow_src_last_pkt_time":106200868,"flow_dst_last_pkt_time":106325430,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":106325430,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBXQAAEARpc\/BJf+CCgACD\/CwcAkC3\/EkqxExAsF5aprYo0LmkOznoEQAAMACAAAGR1RLRwAAC5wNVaWmIUX476YAPO2IwX6VsyAEwSX\/gvCwAQAAAASWmcaYFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIanw=="} -00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1909,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":4,"flow_src_last_pkt_time":99778426,"flow_dst_last_pkt_time":106388767,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":106388767,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBXUAAEAGBW\/IB5vSCgACD27NxHMA4ZYBvExD2mAS\/\/9d4wAAAgQFtA=="} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1910,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":5,"flow_src_last_pkt_time":106389184,"flow_dst_last_pkt_time":106388767,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":106389184,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoRs9AAIAGRBgKAAIPyAeb0sRzbs28TEPaAOGWAlAQ+vB6rwAA"} -01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1911,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":106388767,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":106390698,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1919,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":5,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":109327250,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":109327250,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBcsAAEAGPf9JPuG1CgACD7b7xEUA2cYBqiCae2AS\/\/\/aWwAAAgQFtA=="} +00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1909,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":4,"flow_src_last_pkt_time":99778426,"flow_dst_last_pkt_time":106388767,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":106388767,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBXUAAEAGBW\/IB5vSCgACD27NxHMA4ZYBvExD2mAS\/\/9d4wAAAgQFtA=="} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1910,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":5,"flow_src_last_pkt_time":106389184,"flow_dst_last_pkt_time":106388767,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":106389184,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoRs9AAIAGRBgKAAIPyAeb0sRzbs28TEPaAOGWAlAQ+vB6rwAA"} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1911,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":106388767,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":106390698,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1919,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":5,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":109327250,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":109327250,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBcsAAEAGPf9JPuG1CgACD7b7xEUA2cYBqiCae2AS\/\/\/aWwAAAgQFtA=="} 00942{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00915{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00918{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -1387,25 +1387,25 @@ 01480{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1962,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_packet_id":4,"flow_src_last_pkt_time":111540517,"flow_dst_last_pkt_time":111857033,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":111857033,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBd8AAEAR0zvL3Mb0CgACDwSqcAkC3\/cN9yQxAua0C8l8g6aKgyk\/10QAAMACAAAGR1RLRwAAEQ4bgk0QPBUYN04RWX3wJMmwXm4Ey9zG9ASqAQAAAASVBH3jFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1963,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_packet_id":2,"flow_src_last_pkt_time":111857677,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":111857677,"pkt":"UlQAEjUCCAAn5uVZCABFAABtOYAAAIAR2+4KAAIPSMnQOXAJltkAWbNfr0MxAtDKk1upIWPM3ig4bEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1964,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":5,"flow_src_last_pkt_time":111857759,"flow_dst_last_pkt_time":95851159,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":111857759,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBMcAAIARP0IKAAIPL9y6jHAJa\/kAWbAycowxAqxFZNAB6RUI7VILrkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1968,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":114930255,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":114930255,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":114930255,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1968,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":1,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":114930255,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":114930255,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bAtAAIAGmk4KAAIPRXai5cSXtzoqx\/sEAAAAAIAC+vDeFgAAAgQFtAEDAwgBAQQC"} -00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1969,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":114930776,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":114930776,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":114930776,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1969,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":1,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":114930776,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":114930776,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0z\/pAAIAGGNQKAAIPvZNIU8SYZfyEcE5AAAAAAIAC+vBk5AAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1970,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":2,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":115039245,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBeIAAEAGgIBFdqLlCgACD7c6xJcA8yoBKsf7BWAS\/\/\/XGAAAAgQFtA=="} -00510{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1971,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":3,"flow_src_last_pkt_time":115039725,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115039725,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobAxAAIAGmlkKAAIPRXai5cSXtzoqx\/sFAPMqAlAQ+vDz5AAA"} -01225{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1972,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":4,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":587,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":587,"pkt_l4_len":553,"thread_ts_usec":115040547,"pkt":"UlQAEjUCCAAn5uVZCABFAAI9bA1AAIAGmEMKAAIPRXai5cSXtzoqx\/sFAPMqAlAY+vATGQAAR0VUIC91cmktcmVzL04yUj91cm46c2hhMTpMWElQMkE3MlQ1SDNCVTNHUlVNWkZZTlUzT1lESzZGSSBIVFRQLzEuMQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkhvc3Q6IDY5LjExOC4xNjIuMjI5OjQ2OTA2DQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBxdWV1ZS8xLjENClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KVXBncmFkZTogVExTLzEuMA0KQ29ubmVjdGlvbjogVXBncmFkZQ0KWC1RdWV1ZTogMS4xDQpSYW5nZTogYnl0ZXM9MC0xMDQ4NTc1DQpYLURvd25sb2FkZWQ6IDANClgtRlctTm9kZS1JbmZvOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YTsgMjg2ODE6OTMuNDcuMjI2LjUzOw0KCTE4OC42MS41Mi4xODM6MTE4NTI7IDEwNC4yMzguMTcyLjI1MDoyMzU0ODsgMTA0LjE1Ni4yMjYuNzI6NTMyNTg7DQoJNzUuMTMzLjEwMS45Mzo1MjM2Nw0KDQo="} -01504{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1972,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115040547,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} -00512{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1973,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":5,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115040805,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115040805,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBeMAAEAGgINFdqLlCgACD7c6xJcA8yoCKsf9GlAQ\/\/\/swAAA"} -00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1974,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":2,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":115124425,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBeQAAEAGYvO9k0hTCgACD2X8xJgA9CQBhHBOQWAS\/\/9j5QAAAgQFtA=="} -00510{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1975,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":3,"flow_src_last_pkt_time":115126121,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115126121,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoz\/tAAIAGGN8KAAIPvZNIU8SYZfyEcE5BAPQkAlAQ+vCAsQAA"} -01233{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1976,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":4,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":592,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":592,"pkt_l4_len":558,"thread_ts_usec":115127909,"pkt":"UlQAEjUCCAAn5uVZCABFAAJCz\/xAAIAGFsQKAAIPvZNIU8SYZfyEcE5BAPQkAlAY+vAhYAAAR0VUIC91cmktcmVzL04yUj91cm46c2hhMTpMWElQMkE3MlQ1SDNCVTNHUlVNWkZZTlUzT1lESzZGSSBIVFRQLzEuMQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkhvc3Q6IDE4OS4xNDcuNzIuODM6MjYxMDgNClgtRmVhdHVyZXM6IHRscy8xLjAsIHF1ZXVlLzEuMQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpVcGdyYWRlOiBUTFMvMS4wDQpDb25uZWN0aW9uOiBVcGdyYWRlDQpYLVF1ZXVlOiAxLjENClJhbmdlOiBieXRlcz0yNzA5OTI0LTMyMzQyMTENClgtRG93bmxvYWRlZDogMA0KWC1GVy1Ob2RlLUluZm86IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhOyAyODY4MTo5My40Ny4yMjYuNTM7DQoJMTg4LjYxLjUyLjE4MzoxMTg1MjsgMTA0LjIzOC4xNzIuMjUwOjIzNTQ4OyAxMDQuMTU2LjIyNi43Mjo1MzI1ODsNCgk3NS4xMzMuMTAxLjkzOjUyMzY3DQoNCg=="} -01501{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1976,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115127909,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} -00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1977,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":5,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115128100,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115128100,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBeUAAEAGYva9k0hTCgACD2X8xJgA9CQChHBQW1AQ\/\/95iAAA"} +00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1968,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":114930255,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":114930255,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":114930255,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1968,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":1,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":114930255,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":114930255,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bAtAAIAGmk4KAAIPRXai5cSXtzoqx\/sEAAAAAIAC+vDeFgAAAgQFtAEDAwgBAQQC"} +00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1969,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":114930776,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":114930776,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":114930776,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1969,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":1,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":114930776,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":114930776,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0z\/pAAIAGGNQKAAIPvZNIU8SYZfyEcE5AAAAAAIAC+vBk5AAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1970,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":2,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":115039245,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":115039245,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBeIAAEAGgIBFdqLlCgACD7c6xJcA8yoBKsf7BWAS\/\/\/XGAAAAgQFtA=="} +00510{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1971,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":3,"flow_src_last_pkt_time":115039725,"flow_dst_last_pkt_time":115039245,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115039725,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobAxAAIAGmlkKAAIPRXai5cSXtzoqx\/sFAPMqAlAQ+vDz5AAA"} +01225{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1972,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":4,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115039245,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":587,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":587,"pkt_l4_len":553,"thread_ts_usec":115040547,"pkt":"UlQAEjUCCAAn5uVZCABFAAI9bA1AAIAGmEMKAAIPRXai5cSXtzoqx\/sFAPMqAlAY+vATGQAAR0VUIC91cmktcmVzL04yUj91cm46c2hhMTpMWElQMkE3MlQ1SDNCVTNHUlVNWkZZTlUzT1lESzZGSSBIVFRQLzEuMQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkhvc3Q6IDY5LjExOC4xNjIuMjI5OjQ2OTA2DQpYLUZlYXR1cmVzOiB0bHMvMS4wLCBxdWV1ZS8xLjENClgtVG9rZW46IFlpVUo1T013VG8zakZGUUwvbXFCOTFDd3UvZGFtTUVsNWRoRzsgT2NXbWN3PT0NCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KVXBncmFkZTogVExTLzEuMA0KQ29ubmVjdGlvbjogVXBncmFkZQ0KWC1RdWV1ZTogMS4xDQpSYW5nZTogYnl0ZXM9MC0xMDQ4NTc1DQpYLURvd25sb2FkZWQ6IDANClgtRlctTm9kZS1JbmZvOiA3NGU4MzEwMjQxNGM5ZmI2MTdhYmIxMGM5NzYwNTk0YTsgMjg2ODE6OTMuNDcuMjI2LjUzOw0KCTE4OC42MS41Mi4xODM6MTE4NTI7IDEwNC4yMzguMTcyLjI1MDoyMzU0ODsgMTA0LjE1Ni4yMjYuNzI6NTMyNTg7DQoJNzUuMTMzLjEwMS45Mzo1MjM2Nw0KDQo="} +01504{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1972,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115039245,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115040547,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +00512{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1973,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":5,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115040805,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115040805,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBeMAAEAGgINFdqLlCgACD7c6xJcA8yoCKsf9GlAQ\/\/\/swAAA"} +00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1974,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":2,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":115124425,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":115124425,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBeQAAEAGYvO9k0hTCgACD2X8xJgA9CQBhHBOQWAS\/\/9j5QAAAgQFtA=="} +00510{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1975,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":3,"flow_src_last_pkt_time":115126121,"flow_dst_last_pkt_time":115124425,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115126121,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoz\/tAAIAGGN8KAAIPvZNIU8SYZfyEcE5BAPQkAlAQ+vCAsQAA"} +01233{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1976,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":4,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115124425,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":592,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":592,"pkt_l4_len":558,"thread_ts_usec":115127909,"pkt":"UlQAEjUCCAAn5uVZCABFAAJCz\/xAAIAGFsQKAAIPvZNIU8SYZfyEcE5BAPQkAlAY+vAhYAAAR0VUIC91cmktcmVzL04yUj91cm46c2hhMTpMWElQMkE3MlQ1SDNCVTNHUlVNWkZZTlUzT1lESzZGSSBIVFRQLzEuMQ0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkhvc3Q6IDE4OS4xNDcuNzIuODM6MjYxMDgNClgtRmVhdHVyZXM6IHRscy8xLjAsIHF1ZXVlLzEuMQ0KWC1Ub2tlbjogWWlVSjVPTXdUbzNqRkZRTC9tcUI5MUN3dS9kYW1NRWw1ZGhHOyBPY1dtY3c9PQ0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpVcGdyYWRlOiBUTFMvMS4wDQpDb25uZWN0aW9uOiBVcGdyYWRlDQpYLVF1ZXVlOiAxLjENClJhbmdlOiBieXRlcz0yNzA5OTI0LTMyMzQyMTENClgtRG93bmxvYWRlZDogMA0KWC1GVy1Ob2RlLUluZm86IDc0ZTgzMTAyNDE0YzlmYjYxN2FiYjEwYzk3NjA1OTRhOyAyODY4MTo5My40Ny4yMjYuNTM7DQoJMTg4LjYxLjUyLjE4MzoxMTg1MjsgMTA0LjIzOC4xNzIuMjUwOjIzNTQ4OyAxMDQuMTU2LjIyNi43Mjo1MzI1ODsNCgk3NS4xMzMuMTAxLjkzOjUyMzY3DQoNCg=="} +01501{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1976,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115124425,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115127909,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1977,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":5,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115128100,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115128100,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBeUAAEAGYva9k0hTCgACD2X8xJgA9CQChHBQW1AQ\/\/95iAAA"} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1980,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":115369554,"flow_src_last_pkt_time":115369554,"flow_dst_last_pkt_time":115369554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115369554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1980,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_packet_id":1,"flow_src_last_pkt_time":115369554,"flow_dst_last_pkt_time":115369554,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":115369554,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4ticAAIARadEKAAIPDsj\/5XAJkMIAJDeaLGAxAs8iaaH\/Df9W3JltAwABAAUAAADDglFLQA=="} 00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1982,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_packet_id":2,"flow_src_last_pkt_time":115369554,"flow_dst_last_pkt_time":115702290,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":115702290,"pkt":"CAAn5uVZUlQAEjUCCABFAABKBegAAEARWf8OyP\/lCgACD5DCcAkANl\/hLGAxAs8iaaH\/Df9W3JltAwEBABcAAADCkA7I\/+WyNgAAAAAgAMOCUUtEGERIlw=="} -01526{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1983,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":116164038,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":794,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":794,"midstream":0,"thread_ts_usec":116164038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} -01523{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1990,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":116336924,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":806,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":806,"midstream":0,"thread_ts_usec":116336924,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01526{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1983,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":116164038,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":794,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":794,"midstream":0,"thread_ts_usec":116164038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01523{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1990,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":116336924,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":806,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":806,"midstream":0,"thread_ts_usec":116336924,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1998,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":5,"flow_src_last_pkt_time":116628818,"flow_dst_last_pkt_time":95911831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116628818,"pkt":"UlQAEjUCCAAn5uVZCABFAABtP0cAAIARMnMKAAIPdvBFx3AJGMwAWboABjMxAj4wOckacH6ZjRVmWUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":1,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116628965,"pkt":"UlQAEjUCCAAn5uVZCABFAABtIxgAAIARvpEKAAIPUAf8wHAJGugAWSw6p+kxAjYZLonacBdkV9ywAUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} @@ -1421,7 +1421,7 @@ 01479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2011,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":4,"flow_src_last_pkt_time":116916595,"flow_dst_last_pkt_time":116952187,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":116952187,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBfgAAEARPA1thLxiCgACD\/WDcAkC3zEgAPYxAt0gaIFrQZ34NDjR2kQAAMACAAAGR1RLRwAA4JsjIdkeuStic2CcxenuP1eRs7wEbYS8YvWDAQAAAATOKYIxFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00606{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2012,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":3,"flow_src_last_pkt_time":116952656,"flow_dst_last_pkt_time":100920359,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116952656,"pkt":"UlQAEjUCCAAn5uVZCABFAABtMigAAIARW8EKAAIPXjZCUnAJ+JUAWdgAXr4xAg\/r1cFsj19qlWaDPkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 01479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2025,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":4,"flow_src_last_pkt_time":116942486,"flow_dst_last_pkt_time":117049881,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":117049881,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBf8AAEARN\/lg7M0HCgACD4fqcAkC35oc9cIxAlSvaqi63PpUHKTx3UQAAMACAAAGR1RLRwAA+Ts9p8WeGiSZuDZKSPQI3121aXEEYOzNB4fqAQAAAASVRD4TFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} -02324{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2038,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90742816,"flow_src_last_pkt_time":121143186,"flow_dst_last_pkt_time":117002254,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1696,"flow_dst_tot_l4_payload_len":3374,"midstream":0,"thread_ts_usec":121143186,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":49,"avg":1827735.8,"max":13801588,"stddev":3934254.5,"var":15478358540288.0,"ent":2.8,"data": [17190,17418,3506,3946,14197,14999,687,2797,2855,25798,49,26144,8990,9323,15893,71757,495574,483536,221196,265159,15579,77266,487598,467678,9468962,9510672,13760964,13801588,1593559,1633954,4140974]},"pktlen": {"min":40,"avg":198.9,"max":1500,"stddev":294.0,"var":86413.1,"ent":4.0,"data": [52,44,40,639,40,699,111,40,304,40,1500,180,40,166,40,91,40,219,40,404,40,387,40,507,40,115,40,111,40,176,40,101]},"bins": {"c_to_s": [8,1,2,1,1,0,0,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,1,1,0,1,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0],"entropies": [4.624014378,4.823068142,4.780641079,5.806199551,4.621928692,5.719610691,5.576837540,4.671928883,5.283092022,4.671928883,7.655467510,6.721651554,4.721928596,6.328861237,4.558695793,5.166602612,4.830641270,6.855683327,4.780641556,7.482919216,4.671928883,7.395811558,4.730640888,7.500388622,4.830641270,5.985765934,4.621928692,5.830484867,4.830641270,6.691635132,4.621928692,5.872485161]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02324{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2038,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90742816,"flow_src_last_pkt_time":121143186,"flow_dst_last_pkt_time":117002254,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1696,"flow_dst_tot_l4_payload_len":3374,"midstream":0,"thread_ts_usec":121143186,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":49,"avg":1827735.8,"max":13801588,"stddev":3934254.5,"var":15478358540288.0,"ent":2.8,"data": [17190,17418,3506,3946,14197,14999,687,2797,2855,25798,49,26144,8990,9323,15893,71757,495574,483536,221196,265159,15579,77266,487598,467678,9468962,9510672,13760964,13801588,1593559,1633954,4140974]},"pktlen": {"min":40,"avg":198.9,"max":1500,"stddev":294.0,"var":86413.1,"ent":4.0,"data": [52,44,40,639,40,699,111,40,304,40,1500,180,40,166,40,91,40,219,40,404,40,387,40,507,40,115,40,111,40,176,40,101]},"bins": {"c_to_s": [8,1,2,1,1,0,0,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,1,1,0,1,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0],"entropies": [4.624014378,4.823068142,4.780641079,5.806199551,4.621928692,5.719610691,5.576837540,4.671928883,5.283092022,4.671928883,7.655467510,6.721651554,4.721928596,6.328861237,4.558695793,5.166602612,4.830641270,6.855683327,4.780641556,7.482919216,4.671928883,7.395811558,4.730640888,7.500388622,4.830641270,5.985765934,4.621928692,5.830484867,4.830641270,6.691635132,4.621928692,5.872485161]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2042,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":72852470,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2042,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":72850420,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00749{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2042,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":71540581,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -1517,13 +1517,13 @@ 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2066,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":1,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090730,"pkt":"UlQAEjUCCAAn5uVZCABFAABtN+oAAIARg3wKAAIPzyaj5HAJGnoAWUl8GqIxAsDHb8ARC\/TCVyKtTkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2066,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2067,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_packet_id":2,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":124181723,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkkAAEARxyomjnfqCgACD8JEcAkC3z99SEIxAiBrw4qXLe42xzCJ9UQAAMACAAAGR1RLRwAAjVz9Bf0jf1LZ5zMd\/xsbFCoGHdIEJo536sJEAQAAAAT9X3JyFEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8VdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkA=="} -00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2078,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":126831784,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126831784,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2078,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":1,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":126831784,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bCBAAIAGmjkKAAIPRXai5cSatzq0d6IdAAAAAIAC+vCtSgAAAgQFtAEDAwgBAQQC"} -00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2079,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":2,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":126943376,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBmMAAEAGf\/9FdqLlCgACD7c6xJoBCaABtHeiHmAS\/\/8wNgAAAgQFtA=="} -00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2080,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":3,"flow_src_last_pkt_time":126943824,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":126943824,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobCFAAIAGmkQKAAIPRXai5cSatzq0d6IeAQmgAlAQ+vBNAgAA"} -01196{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2081,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":4,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":567,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":567,"pkt_l4_len":533,"thread_ts_usec":126944176,"pkt":"UlQAEjUCCAAn5uVZCABFAAIpbCJAAIAGmEIKAAIPRXai5cSatzq0d6IeAQmgAlAY+vBcAgAAR0VUIC9nbnV0ZWxsYS90aGV4L3YxP3Vybjp0cmVlOnRpZ2VyLzozV01VUzZXTTJaQzdYSVBSUURLWFdISEpSVjRJS1lDNE9YNEVMQ0EmZGVwdGg9OSZlZDJrPTEgSFRUUC8xLjENClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpIb3N0OiA2OS4xMTguMTYyLjIyOTo0NjkwNg0KWC1GZWF0dXJlczogdGxzLzEuMCwgcXVldWUvMS4xDQpYLVRva2VuOiBZaVVLSk1JTm9tR2NQNHpueUcxOC9rTjFaZkZ5aDVMNnNZZkg7IFl4djhyUT09DQpBY2NlcHQ6IGFwcGxpY2F0aW9uL2RpbWUNCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1RdWV1ZTogMS4xDQpYLUZXLU5vZGUtSW5mbzogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGE7IDI4NjgxOjkzLjQ3LjIyNi41MzsNCgkxODguNjEuNTIuMTgzOjExODUyOyAxMDQuMjM4LjE3Mi4yNTA6MjM1NDg7IDEwNC4xNTYuMjI2LjcyOjUzMjU4Ow0KCTc1LjEzMy4xMDEuOTM6NTIzNjcNCg0K"} -01540{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2081,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":126831784,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126944176,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/gnutella\/thex\/v1?urn:tree:tiger\/:3WMUS6WM2ZC7XIPRQDKXWHHJRV4IKYC4OX4ELCA&depth=9&ed2k=1","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} -00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2082,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":5,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126944392,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":126944392,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBmQAAEAGgAJFdqLlCgACD7c6xJoBCaACtHekH1AQ\/\/9F8gAA"} +00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2078,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":126831784,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126831784,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2078,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":1,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":126831784,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bCBAAIAGmjkKAAIPRXai5cSatzq0d6IdAAAAAIAC+vCtSgAAAgQFtAEDAwgBAQQC"} +00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2079,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":2,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126943376,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":126943376,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBmMAAEAGf\/9FdqLlCgACD7c6xJoBCaABtHeiHmAS\/\/8wNgAAAgQFtA=="} +00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2080,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":3,"flow_src_last_pkt_time":126943824,"flow_dst_last_pkt_time":126943376,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":126943824,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobCFAAIAGmkQKAAIPRXai5cSatzq0d6IeAQmgAlAQ+vBNAgAA"} +01196{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2081,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":4,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126943376,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":567,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":567,"pkt_l4_len":533,"thread_ts_usec":126944176,"pkt":"UlQAEjUCCAAn5uVZCABFAAIpbCJAAIAGmEIKAAIPRXai5cSatzq0d6IeAQmgAlAY+vBcAgAAR0VUIC9nbnV0ZWxsYS90aGV4L3YxP3Vybjp0cmVlOnRpZ2VyLzozV01VUzZXTTJaQzdYSVBSUURLWFdISEpSVjRJS1lDNE9YNEVMQ0EmZGVwdGg9OSZlZDJrPTEgSFRUUC8xLjENClVzZXItQWdlbnQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNTsgR1RLMjsgV2luZG93cyB4NjQpDQpIb3N0OiA2OS4xMTguMTYyLjIyOTo0NjkwNg0KWC1GZWF0dXJlczogdGxzLzEuMCwgcXVldWUvMS4xDQpYLVRva2VuOiBZaVVLSk1JTm9tR2NQNHpueUcxOC9rTjFaZkZ5aDVMNnNZZkg7IFl4djhyUT09DQpBY2NlcHQ6IGFwcGxpY2F0aW9uL2RpbWUNCkFjY2VwdC1FbmNvZGluZzogZGVmbGF0ZQ0KWC1RdWV1ZTogMS4xDQpYLUZXLU5vZGUtSW5mbzogNzRlODMxMDI0MTRjOWZiNjE3YWJiMTBjOTc2MDU5NGE7IDI4NjgxOjkzLjQ3LjIyNi41MzsNCgkxODguNjEuNTIuMTgzOjExODUyOyAxMDQuMjM4LjE3Mi4yNTA6MjM1NDg7IDEwNC4xNTYuMjI2LjcyOjUzMjU4Ow0KCTc1LjEzMy4xMDEuOTM6NTIzNjcNCg0K"} +01540{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2081,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":126831784,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126943376,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126944176,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/gnutella\/thex\/v1?urn:tree:tiger\/:3WMUS6WM2ZC7XIPRQDKXWHHJRV4IKYC4OX4ELCA&depth=9&ed2k=1","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2082,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":5,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126944392,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":126944392,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBmQAAEAGgAJFdqLlCgACD7c6xJoBCaACtHekH1AQ\/\/9F8gAA"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":1,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174282,"pkt":"UlQAEjUCCAAn5uVZCABFAABtuPMAAIAR0zIKAAIPTOJVaXAJGMoAWVtEeBkxArN0R\/zFhR7fMHiNqUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -1635,7 +1635,7 @@ 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2139,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131673854,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2139,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131673854,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2139,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131673854,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -02341{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2139,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":71205274,"flow_src_last_pkt_time":117002547,"flow_dst_last_pkt_time":132821508,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":705,"flow_dst_tot_l4_payload_len":2420,"midstream":0,"thread_ts_usec":132821508,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1091,"avg":3464951.8,"max":22684647,"stddev":6255594.5,"var":39132462055424.0,"ent":3.3,"data": [399865,400165,2576,3065,879170,880284,1091,343284,15848,359592,3003,2180,5087,145122,145627,10048654,10048652,469496,2676,472723,3557750,3604090,6175326,6222212,413766,464528,22633783,22684647,605343,604983,15818919]},"pktlen": {"min":40,"avg":138.2,"max":1064,"stddev":217.4,"var":47264.8,"ent":4.0,"data": [52,44,40,344,40,323,143,40,118,762,40,53,58,40,149,40,104,40,1064,45,40,122,40,70,40,213,40,52,40,123,40,62]},"bins": {"c_to_s": [9,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,2,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,1,0,1,1,0,0,1,0,1,1,1,0,1,0,0,1,1,0,0,1,0,1,1],"entropies": [4.638531685,4.760457039,4.611769199,5.768550396,4.503056526,5.575543404,5.615631580,4.553056717,5.640929699,7.709812641,4.680641174,4.708038807,4.874885082,4.592897415,6.317804813,4.453056812,5.923436165,4.453056812,7.776337624,4.335103989,4.830641270,6.163827896,4.780641556,5.454720020,4.621928692,6.573338509,4.730640888,4.776329994,4.621928692,6.159438610,4.571928978,4.925578117]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02341{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2139,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":71205274,"flow_src_last_pkt_time":117002547,"flow_dst_last_pkt_time":132821508,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":705,"flow_dst_tot_l4_payload_len":2420,"midstream":0,"thread_ts_usec":132821508,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1091,"avg":3464951.8,"max":22684647,"stddev":6255594.5,"var":39132462055424.0,"ent":3.3,"data": [399865,400165,2576,3065,879170,880284,1091,343284,15848,359592,3003,2180,5087,145122,145627,10048654,10048652,469496,2676,472723,3557750,3604090,6175326,6222212,413766,464528,22633783,22684647,605343,604983,15818919]},"pktlen": {"min":40,"avg":138.2,"max":1064,"stddev":217.4,"var":47264.8,"ent":4.0,"data": [52,44,40,344,40,323,143,40,118,762,40,53,58,40,149,40,104,40,1064,45,40,122,40,70,40,213,40,52,40,123,40,62]},"bins": {"c_to_s": [9,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,2,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,1,0,1,1,0,0,1,0,1,1,1,0,1,0,0,1,1,0,0,1,0,1,1],"entropies": [4.638531685,4.760457039,4.611769199,5.768550396,4.503056526,5.575543404,5.615631580,4.553056717,5.640929699,7.709812641,4.680641174,4.708038807,4.874885082,4.592897415,6.317804813,4.453056812,5.923436165,4.453056812,7.776337624,4.335103989,4.830641270,6.163827896,4.780641556,5.454720020,4.621928692,6.573338509,4.730640888,4.776329994,4.621928692,6.159438610,4.571928978,4.925578117]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2142,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132831233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2142,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_packet_id":1,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831233,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BqoAAIARzHEKAAIPw7WX2XAJYsIAIGTAR05EED8VAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2143,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":2,"flow_src_last_pkt_time":132831544,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831544,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jJMAAIARUAgKAAIPp3KqnHAJXSQAIHPdR05EED8WAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1978,7 +1978,7 @@ 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":183044667,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":183044667,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":183044667,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -02349{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2427,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":71205609,"flow_src_last_pkt_time":187576304,"flow_dst_last_pkt_time":187064352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":713,"flow_dst_tot_l4_payload_len":3012,"midstream":0,"thread_ts_usec":187576304,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":276,"avg":7491272.5,"max":55455380,"stddev":14262251.0,"var":203411798622208.0,"ent":3.2,"data": [106993,107336,276,805,178388,179820,1439,41004,98031,375723,432936,10046845,10046768,42293,94463,6595038,6594815,3591919,3643921,39217,93460,24009088,24063297,605105,604823,14641110,23768,14665256,55396943,55455380,453178]},"pktlen": {"min":40,"avg":156.9,"max":1105,"stddev":244.6,"var":59812.5,"ent":4.0,"data": [52,44,40,343,40,323,143,40,912,40,149,40,104,40,1105,40,200,40,70,40,189,40,52,40,123,40,64,489,40,50,40,49]},"bins": {"c_to_s": [11,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [10,0,0,0,1,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,1,0,1,0,0],"entropies": [4.624014378,4.624093533,4.730641365,5.758390427,4.553056717,5.558244705,5.696007252,4.621928692,7.730160713,4.830641270,6.349717140,4.521929264,5.981128693,4.571928978,7.767892838,4.780641556,6.727245331,4.730641365,5.454720020,4.603056908,6.642654419,4.780641079,4.853253365,4.671928883,6.256999493,4.671928883,5.061660290,7.508594036,4.830641270,4.642780781,4.780641556,4.618614674]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02349{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2427,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":71205609,"flow_src_last_pkt_time":187576304,"flow_dst_last_pkt_time":187064352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":713,"flow_dst_tot_l4_payload_len":3012,"midstream":0,"thread_ts_usec":187576304,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":276,"avg":7491272.5,"max":55455380,"stddev":14262251.0,"var":203411798622208.0,"ent":3.2,"data": [106993,107336,276,805,178388,179820,1439,41004,98031,375723,432936,10046845,10046768,42293,94463,6595038,6594815,3591919,3643921,39217,93460,24009088,24063297,605105,604823,14641110,23768,14665256,55396943,55455380,453178]},"pktlen": {"min":40,"avg":156.9,"max":1105,"stddev":244.6,"var":59812.5,"ent":4.0,"data": [52,44,40,343,40,323,143,40,912,40,149,40,104,40,1105,40,200,40,70,40,189,40,52,40,123,40,64,489,40,50,40,49]},"bins": {"c_to_s": [11,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [10,0,0,0,1,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,1,0,1,0,0],"entropies": [4.624014378,4.624093533,4.730641365,5.758390427,4.553056717,5.558244705,5.696007252,4.621928692,7.730160713,4.830641270,6.349717140,4.521929264,5.981128693,4.571928978,7.767892838,4.780641556,6.727245331,4.730641365,5.454720020,4.603056908,6.642654419,4.780641079,4.853253365,4.671928883,6.256999493,4.671928883,5.061660290,7.508594036,4.830641270,4.642780781,4.780641556,4.618614674]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2432,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_packet_id":2,"flow_src_last_pkt_time":191700213,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191700213,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00HEAAIARI3sKAAIPfCy+kXAJJ7oAIMCGR05EED8oAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2433,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":2,"flow_src_last_pkt_time":191700445,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191700445,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uoEAAIARu5gKAAIPXFhcOHAJUhEAIBhcR05EED8pAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2434,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":3,"flow_src_last_pkt_time":191700671,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191700671,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06UYAAIARhsYKAAIPW7Ni6nAJGMoAIEuVR05EED8qAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -2013,30 +2013,30 @@ 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":3,"flow_src_last_pkt_time":192908332,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192908332,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s0sAAIARB+8KAAIPrGHHDnAJGMoAIJamR05EED9GAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":3,"flow_src_last_pkt_time":192908402,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192908402,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jJQAAIARUAcKAAIPp3KqnHAJXSQAIHOsR05EED9HAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2471,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_packet_id":3,"flow_src_last_pkt_time":192908508,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192908508,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0770AAIARtrQKAAIPpanijnAJGMoAIIHcR05EED9IAQFUC1FLUlAGUk5BXS\/iNQlw"} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63000408,"flow_src_last_pkt_time":63524574,"flow_dst_last_pkt_time":63524726,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63000408,"flow_src_last_pkt_time":63524574,"flow_dst_last_pkt_time":63524726,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00932{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01072{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":64032727,"flow_src_last_pkt_time":64562062,"flow_dst_last_pkt_time":64562135,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142619,"flow_src_last_pkt_time":70230636,"flow_dst_last_pkt_time":70230366,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":756,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":756,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69141177,"flow_src_last_pkt_time":69581531,"flow_dst_last_pkt_time":69581706,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":540,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":540,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":68108022,"flow_src_last_pkt_time":68639636,"flow_dst_last_pkt_time":68639339,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":546,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":546,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72264816,"flow_src_last_pkt_time":72720223,"flow_dst_last_pkt_time":72720433,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":250,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":250,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63001005,"flow_src_last_pkt_time":63616655,"flow_dst_last_pkt_time":63616781,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":537,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":537,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266136,"flow_src_last_pkt_time":72656641,"flow_dst_last_pkt_time":72656770,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":354,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":354,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01075{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":64031460,"flow_src_last_pkt_time":64521739,"flow_dst_last_pkt_time":64521815,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":541,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":541,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266629,"flow_src_last_pkt_time":72906885,"flow_dst_last_pkt_time":72907120,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":504,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":504,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01072{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":64032727,"flow_src_last_pkt_time":64562062,"flow_dst_last_pkt_time":64562135,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142619,"flow_src_last_pkt_time":70230636,"flow_dst_last_pkt_time":70230366,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":756,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":756,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69141177,"flow_src_last_pkt_time":69581531,"flow_dst_last_pkt_time":69581706,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":540,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":540,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":68108022,"flow_src_last_pkt_time":68639636,"flow_dst_last_pkt_time":68639339,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":546,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":546,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72264816,"flow_src_last_pkt_time":72720223,"flow_dst_last_pkt_time":72720433,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":250,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":250,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63001005,"flow_src_last_pkt_time":63616655,"flow_dst_last_pkt_time":63616781,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":537,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":537,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266136,"flow_src_last_pkt_time":72656641,"flow_dst_last_pkt_time":72656770,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":354,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":354,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01075{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":64031460,"flow_src_last_pkt_time":64521739,"flow_dst_last_pkt_time":64521815,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":541,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":541,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266629,"flow_src_last_pkt_time":72906885,"flow_dst_last_pkt_time":72907120,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":504,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":504,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00935{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01070{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":63001980,"flow_src_last_pkt_time":63445433,"flow_dst_last_pkt_time":63445570,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":65062594,"flow_src_last_pkt_time":65418382,"flow_dst_last_pkt_time":65418564,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01073{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142400,"flow_src_last_pkt_time":69227111,"flow_dst_last_pkt_time":69227285,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01070{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":63001980,"flow_src_last_pkt_time":63445433,"flow_dst_last_pkt_time":63445570,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":65062594,"flow_src_last_pkt_time":65418382,"flow_dst_last_pkt_time":65418564,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01073{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142400,"flow_src_last_pkt_time":69227111,"flow_dst_last_pkt_time":69227285,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00949{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01026{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01192{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -2090,48 +2090,48 @@ 01190{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138420,"flow_src_last_pkt_time":174887033,"flow_dst_last_pkt_time":174930342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01184{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01183{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2473,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":193763657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90746756,"flow_src_last_pkt_time":90799453,"flow_dst_last_pkt_time":90799587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":510,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":510,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90746756,"flow_src_last_pkt_time":90799453,"flow_dst_last_pkt_time":90799587,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":510,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":510,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00945{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00941{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":13,"flow_first_seen":90746613,"flow_src_last_pkt_time":91392657,"flow_dst_last_pkt_time":91392753,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2540,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746142,"flow_src_last_pkt_time":91151301,"flow_dst_last_pkt_time":91150987,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":620,"flow_src_tot_l4_payload_len":1097,"flow_dst_tot_l4_payload_len":620,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01075{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592660,"flow_src_last_pkt_time":85126325,"flow_dst_last_pkt_time":85126546,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74328635,"flow_src_last_pkt_time":88170917,"flow_dst_last_pkt_time":88171102,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":253,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":253,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744462,"flow_src_last_pkt_time":90842155,"flow_dst_last_pkt_time":90842252,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":254,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":254,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745391,"flow_src_last_pkt_time":91380000,"flow_dst_last_pkt_time":91380000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01075{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745008,"flow_src_last_pkt_time":90863473,"flow_dst_last_pkt_time":90863592,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74329162,"flow_src_last_pkt_time":74395995,"flow_dst_last_pkt_time":74396263,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":503,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":503,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90747070,"flow_src_last_pkt_time":91396361,"flow_dst_last_pkt_time":91396486,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2553,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90747580,"flow_src_last_pkt_time":90902135,"flow_dst_last_pkt_time":90901928,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":670,"flow_src_tot_l4_payload_len":1103,"flow_dst_tot_l4_payload_len":670,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":13,"flow_first_seen":90746613,"flow_src_last_pkt_time":91392657,"flow_dst_last_pkt_time":91392753,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2540,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746142,"flow_src_last_pkt_time":91151301,"flow_dst_last_pkt_time":91150987,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":620,"flow_src_tot_l4_payload_len":1097,"flow_dst_tot_l4_payload_len":620,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01075{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592660,"flow_src_last_pkt_time":85126325,"flow_dst_last_pkt_time":85126546,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74328635,"flow_src_last_pkt_time":88170917,"flow_dst_last_pkt_time":88171102,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":253,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":253,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744462,"flow_src_last_pkt_time":90842155,"flow_dst_last_pkt_time":90842252,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":254,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":254,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745391,"flow_src_last_pkt_time":91380000,"flow_dst_last_pkt_time":91380000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01075{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745008,"flow_src_last_pkt_time":90863473,"flow_dst_last_pkt_time":90863592,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74329162,"flow_src_last_pkt_time":74395995,"flow_dst_last_pkt_time":74396263,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":503,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":503,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90747070,"flow_src_last_pkt_time":91396361,"flow_dst_last_pkt_time":91396486,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2553,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90747580,"flow_src_last_pkt_time":90902135,"flow_dst_last_pkt_time":90901928,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":670,"flow_src_tot_l4_payload_len":1103,"flow_dst_tot_l4_payload_len":670,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00941{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00953{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00949{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01071{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747315,"flow_src_last_pkt_time":90792942,"flow_dst_last_pkt_time":90793046,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":518,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":518,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745170,"flow_src_last_pkt_time":91127242,"flow_dst_last_pkt_time":91126885,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01071{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":91076000,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747315,"flow_src_last_pkt_time":90792942,"flow_dst_last_pkt_time":90793046,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":518,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":518,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745170,"flow_src_last_pkt_time":91127242,"flow_dst_last_pkt_time":91126885,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00945{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":5,"flow_first_seen":63001498,"flow_src_last_pkt_time":78562314,"flow_dst_last_pkt_time":78562499,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":498,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":498,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745788,"flow_src_last_pkt_time":91669101,"flow_dst_last_pkt_time":91668738,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":628,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746458,"flow_src_last_pkt_time":91171665,"flow_dst_last_pkt_time":91171376,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":690,"flow_src_tot_l4_payload_len":1099,"flow_dst_tot_l4_payload_len":690,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744013,"flow_src_last_pkt_time":90809872,"flow_dst_last_pkt_time":90809947,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":515,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":515,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90740683,"flow_src_last_pkt_time":91277614,"flow_dst_last_pkt_time":91277245,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":83805549,"flow_src_last_pkt_time":84251629,"flow_dst_last_pkt_time":84251761,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01073{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91408210,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741172,"flow_src_last_pkt_time":90825072,"flow_dst_last_pkt_time":90825175,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":255,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":255,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90742427,"flow_src_last_pkt_time":91375538,"flow_dst_last_pkt_time":91375677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":276,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":276,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90746915,"flow_src_last_pkt_time":91439469,"flow_dst_last_pkt_time":91439719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2538,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741945,"flow_src_last_pkt_time":90864792,"flow_dst_last_pkt_time":90864906,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":265,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74327445,"flow_src_last_pkt_time":74692032,"flow_dst_last_pkt_time":74692032,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":508,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":508,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00758{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":11,"flow_first_seen":90746322,"flow_src_last_pkt_time":90948025,"flow_dst_last_pkt_time":90948025,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":609,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1030,"flow_dst_tot_l4_payload_len":2215,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592023,"flow_src_last_pkt_time":85055745,"flow_dst_last_pkt_time":85055956,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741572,"flow_src_last_pkt_time":91414904,"flow_dst_last_pkt_time":91415063,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747782,"flow_src_last_pkt_time":90850056,"flow_dst_last_pkt_time":90850142,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":512,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":512,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","ndpi": {"flow_risk": {"50": {"risk":"TCP Connection Issues","severity":"Medium","risk_score": {"total":350,"client":235,"server":115}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":5,"flow_first_seen":63001498,"flow_src_last_pkt_time":78562314,"flow_dst_last_pkt_time":78562499,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":498,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":498,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745788,"flow_src_last_pkt_time":91669101,"flow_dst_last_pkt_time":91668738,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":628,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746458,"flow_src_last_pkt_time":91171665,"flow_dst_last_pkt_time":91171376,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":690,"flow_src_tot_l4_payload_len":1099,"flow_dst_tot_l4_payload_len":690,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744013,"flow_src_last_pkt_time":90809872,"flow_dst_last_pkt_time":90809947,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":515,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":515,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01078{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90740683,"flow_src_last_pkt_time":91277614,"flow_dst_last_pkt_time":91277245,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":83805549,"flow_src_last_pkt_time":84251629,"flow_dst_last_pkt_time":84251761,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01073{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91408210,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741172,"flow_src_last_pkt_time":90825072,"flow_dst_last_pkt_time":90825175,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":255,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":255,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90742427,"flow_src_last_pkt_time":91375538,"flow_dst_last_pkt_time":91375677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":276,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":276,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90746915,"flow_src_last_pkt_time":91439469,"flow_dst_last_pkt_time":91439719,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2538,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741945,"flow_src_last_pkt_time":90864792,"flow_dst_last_pkt_time":90864906,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":265,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74327445,"flow_src_last_pkt_time":74692032,"flow_dst_last_pkt_time":74692032,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":508,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":508,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00758{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":11,"flow_first_seen":90746322,"flow_src_last_pkt_time":90948025,"flow_dst_last_pkt_time":90948025,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":609,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1030,"flow_dst_tot_l4_payload_len":2215,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592023,"flow_src_last_pkt_time":85055745,"flow_dst_last_pkt_time":85055956,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01077{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741572,"flow_src_last_pkt_time":91414904,"flow_dst_last_pkt_time":91415063,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747782,"flow_src_last_pkt_time":90850056,"flow_dst_last_pkt_time":90850142,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":512,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":512,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01186{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01188{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01193{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":177166814,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -2164,10 +2164,10 @@ 00935{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00935{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00949{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90743161,"flow_src_last_pkt_time":96110816,"flow_dst_last_pkt_time":96110996,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01076{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90743161,"flow_src_last_pkt_time":96110816,"flow_dst_last_pkt_time":96110996,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00949{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01073{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":98168368,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01070{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":101917395,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01073{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":98168368,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01070{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":101917395,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01192{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":131670910,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00753{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":191702893,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -2247,7 +2247,7 @@ 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_packet_id":1,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229240388,"pkt":"UlQAEjUCCAAn5uVZCABFAABpQyQAAIAR7ygKAAIPPiO+BXAJSKwAVQDtR05EED9NAQFMQVEyUApVRFBdL+I1CXAx8WVwSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} 00939{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00931{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":3,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":115276904,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":3,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":115276904,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00945{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00750{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00753{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":131671934,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -2672,7 +2672,7 @@ 00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -01333{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":12,"flow_first_seen":126831784,"flow_src_last_pkt_time":130215321,"flow_dst_last_pkt_time":130215029,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":10365,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01333{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":12,"flow_first_seen":126831784,"flow_src_last_pkt_time":130215321,"flow_dst_last_pkt_time":130215029,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":10365,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -3517,16 +3517,16 @@ 01181{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00833{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00833{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01180{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01181{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00833{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00833{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00753{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":251735454,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00753{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":251737467,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00752{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":191703548,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -3853,8 +3853,8 @@ 00755{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 01184{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01183{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00835{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01191{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01190{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00847{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3337,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":322350285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6543,8 +6543,8 @@ 01554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3902,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_packet_id":2,"flow_src_last_pkt_time":599529292,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":834,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":834,"pkt_l4_len":780,"thread_ts_usec":599529292,"pkt":"MzMAAAAMCAAn5uVZht1gB0PFAwwRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dYOdgMMdjk8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvQnllPC93c2E6QWN0aW9uPjx3c2E6TWVzc2FnZUlEPnVybjp1dWlkOjk4Zjc0ZjcxLTZkZmMtNDYxMi05YzNjLTVjNTgwZWI4MzU5Njwvd3NhOk1lc3NhZ2VJRD48d3NkOkFwcFNlcXVlbmNlIEluc3RhbmNlSWQ9IjQ2IiBTZXF1ZW5jZUlkPSJ1cm46dXVpZDo3NjczODllMC1lZTlhLTRjMWMtYjkwMi0yMGNiODFkMjAzZTAiIE1lc3NhZ2VOdW1iZXI9IjUiPjwvd3NkOkFwcFNlcXVlbmNlPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOkJ5ZT48d3NhOkVuZHBvaW50UmVmZXJlbmNlPjx3c2E6QWRkcmVzcz51cm46dXVpZDo3NDdmM2Q5Ni02OGE3LTQzZjEtOGNiZS1lOGQ2ZGFkZDAzNTg8L3dzYTpBZGRyZXNzPjwvd3NhOkVuZHBvaW50UmVmZXJlbmNlPjwvd3NkOkJ5ZT48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+"} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3903,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_packet_id":2,"flow_src_last_pkt_time":599747316,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":599747316,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAOKkAAAAAQMAAAD\/AgAAAAAAAAAAAAAAAAAM"} 00595{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":3904,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","packets-captured":3904,"packets-processed":3882,"total-skipped-flows":0,"total-l4-payload-len":383594,"total-not-detected-flows":473,"total-guessed-flows":3,"total-detected-flows":174,"total-detection-updates":5,"total-updates":2519,"current-active-flows":169,"total-active-flows":801,"total-idle-flows":632,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6545,"global_ts_usec":600247140} -00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":312957614,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":312957614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6561,22 +6561,22 @@ 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":491979236,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":551891672,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":551891672,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00944{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415868,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":776,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702767,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.10.83","src_port":28681,"dst_port":8797,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":776,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702767,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.10.83","src_port":28681,"dst_port":8797,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01083{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":66,"flow_dst_packets_processed":69,"flow_first_seen":90742816,"flow_src_last_pkt_time":593652028,"flow_dst_last_pkt_time":593652028,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":3017,"flow_dst_tot_l4_payload_len":6754,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01083{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":66,"flow_dst_packets_processed":69,"flow_first_seen":90742816,"flow_src_last_pkt_time":593652028,"flow_dst_last_pkt_time":593652028,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":3017,"flow_dst_tot_l4_payload_len":6754,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00840{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":767,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490658663,"flow_src_last_pkt_time":490658663,"flow_dst_last_pkt_time":490773349,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":767,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490658663,"flow_src_last_pkt_time":490658663,"flow_dst_last_pkt_time":490773349,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":551891223,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":551891223,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":431830029,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":431830029,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":778,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6584,31 +6584,31 @@ 00841{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":773,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659760,"flow_src_last_pkt_time":490659760,"flow_dst_last_pkt_time":490696108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":773,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659760,"flow_src_last_pkt_time":490659760,"flow_dst_last_pkt_time":490696108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00896{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01087{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":182,"flow_dst_packets_processed":183,"flow_first_seen":88704150,"flow_src_last_pkt_time":593692438,"flow_dst_last_pkt_time":593692239,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2616,"flow_dst_tot_l4_payload_len":40868,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01087{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":182,"flow_dst_packets_processed":183,"flow_first_seen":88704150,"flow_src_last_pkt_time":593692438,"flow_dst_last_pkt_time":593692239,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2616,"flow_dst_tot_l4_payload_len":40868,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702875,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702875,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00844{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490658810,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":548572473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00757{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490658810,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":548572473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00845{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00758{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01065{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":599325330,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00943{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":595449220,"flow_src_last_pkt_time":598465934,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":553212697,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":553212697,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00967{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00755{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":551891417,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":551891417,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6618,69 +6618,69 @@ 00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":493285407,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":493285407,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599747316,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00953{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":599415510,"flow_src_last_pkt_time":599529292,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01329{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":7,"flow_first_seen":114930255,"flow_src_last_pkt_time":116183701,"flow_dst_last_pkt_time":116183576,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":5238,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01329{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":7,"flow_first_seen":114930255,"flow_src_last_pkt_time":116183701,"flow_dst_last_pkt_time":116183576,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":5238,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":551891299,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":551891299,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":551890628,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":551890628,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":551890119,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":551890119,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":553213068,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":553213068,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":553212536,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":553212536,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":553212996,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":553212996,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":551891091,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":551891091,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":433135893,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":433135893,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":493284702,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":493284702,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":45,"flow_dst_packets_processed":54,"flow_first_seen":71205274,"flow_src_last_pkt_time":593737928,"flow_dst_last_pkt_time":593737690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":754,"flow_dst_tot_l4_payload_len":5336,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":45,"flow_dst_packets_processed":54,"flow_first_seen":71205274,"flow_src_last_pkt_time":593737928,"flow_dst_last_pkt_time":593737690,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":754,"flow_dst_tot_l4_payload_len":5336,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00943{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":523077357,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01031{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":491978225,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":491978225,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":553212305,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6691,54 +6691,54 @@ 00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":493284151,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":774,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659991,"flow_src_last_pkt_time":551702643,"flow_dst_last_pkt_time":490659991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6599,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":774,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659991,"flow_src_last_pkt_time":551702643,"flow_dst_last_pkt_time":490659991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6599,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":551890738,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":551890738,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":551890466,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":551890466,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":771,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659443,"flow_src_last_pkt_time":551881788,"flow_dst_last_pkt_time":490659443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.27.193.6","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":771,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659443,"flow_src_last_pkt_time":551881788,"flow_dst_last_pkt_time":490659443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.27.193.6","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":551890943,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":551890943,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":493285866,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":493285866,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":493286026,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":493286026,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00841{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551881619,"flow_dst_last_pkt_time":552092880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6751,18 +6751,18 @@ 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":553212612,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":491980175,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":491980175,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":769,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659046,"flow_src_last_pkt_time":551881355,"flow_dst_last_pkt_time":490659046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.110.61.169","src_port":28681,"dst_port":11973,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":769,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659046,"flow_src_last_pkt_time":551881355,"flow_dst_last_pkt_time":490659046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.110.61.169","src_port":28681,"dst_port":11973,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00842{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00755{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":553212772,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6771,28 +6771,28 @@ 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":551891799,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":491980650,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":491980650,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":551891992,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":551891992,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":772,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659611,"flow_src_last_pkt_time":551701186,"flow_dst_last_pkt_time":490659611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.192.231.237","src_port":28681,"dst_port":9676,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":772,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659611,"flow_src_last_pkt_time":551701186,"flow_dst_last_pkt_time":490659611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.192.231.237","src_port":28681,"dst_port":9676,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":551890853,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6801,65 +6801,65 @@ 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":551891491,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00841{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":770,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659223,"flow_src_last_pkt_time":490659223,"flow_dst_last_pkt_time":490846962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":770,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659223,"flow_src_last_pkt_time":490659223,"flow_dst_last_pkt_time":490846962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 01033{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -01086{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":153,"flow_dst_packets_processed":159,"flow_first_seen":88704875,"flow_src_last_pkt_time":593713091,"flow_dst_last_pkt_time":593712859,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2615,"flow_dst_tot_l4_payload_len":16813,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01328{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":5,"flow_first_seen":114930776,"flow_src_last_pkt_time":116342717,"flow_dst_last_pkt_time":116342552,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":2552,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01086{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":153,"flow_dst_packets_processed":159,"flow_first_seen":88704875,"flow_src_last_pkt_time":593713091,"flow_dst_last_pkt_time":593712859,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2615,"flow_dst_tot_l4_payload_len":16813,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01328{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":5,"flow_first_seen":114930776,"flow_src_last_pkt_time":116342717,"flow_dst_last_pkt_time":116342552,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":2552,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP\/TLS\/QUIC Numeric Hostname\/SNI","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} 00962{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":493283238,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00750{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":493283238,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00840{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":551890239,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":551890239,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00957{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00745{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":766,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490658312,"flow_src_last_pkt_time":490658312,"flow_dst_last_pkt_time":490658312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":766,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490658312,"flow_src_last_pkt_time":490658312,"flow_dst_last_pkt_time":490658312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -01087{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":146,"flow_dst_packets_processed":149,"flow_first_seen":90745963,"flow_src_last_pkt_time":593624376,"flow_dst_last_pkt_time":593620036,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2601,"flow_dst_tot_l4_payload_len":7395,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +01087{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":146,"flow_dst_packets_processed":149,"flow_first_seen":90745963,"flow_src_last_pkt_time":593624376,"flow_dst_last_pkt_time":593620036,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2601,"flow_dst_tot_l4_payload_len":7395,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":491980468,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":491980468,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00959{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00747{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00963{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":493284992,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00751{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":493284992,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00958{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00746{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702853,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702853,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} -00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} -00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00960{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00748{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} +00961{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} +00749{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} -01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":43,"flow_dst_packets_processed":47,"flow_first_seen":71205609,"flow_src_last_pkt_time":593376712,"flow_dst_last_pkt_time":593376534,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":753,"flow_dst_tot_l4_payload_len":5162,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01082{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":43,"flow_dst_packets_processed":47,"flow_first_seen":71205609,"flow_src_last_pkt_time":593376712,"flow_dst_last_pkt_time":593376534,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":753,"flow_dst_tot_l4_payload_len":5162,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01187{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00966{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00754{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3905,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} |