bump libnDPI to c49d126d3642d5b1f5168d049e3ebf0ee3451edcHEADtmpmain

 * fix API issue with a changed function signature

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

1 files changed, 52 insertions, 41 deletions

diff --git a/test/results/default/sites.pcapng.out b/test/results/default/sites.pcapng.out
index 9a3fe9434..3efbf1dc0 100644
--- a/test/results/default/sites.pcapng.out
+++ b/test/results/default/sites.pcapng.out
@@ -1,5 +1,5 @@
-00612{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00833{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1595957694169758}
+00612{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00833{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1595957694169758}
 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694169758,"flow_dst_last_pkt_time":1595957694169758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1595957694169758,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1595957694169758,"flow_dst_last_pkt_time":1595957694169758,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1595957694169758,"pkt":"CL6sCxdumt9Y+uvcCABFAAA86wlAAEAGQqHAqAypRav6FLRQAbvxSUO4AAAAAKAC\/\/943AAAAgQFtAQCCAp3CF\/6AAAAAAEDAwk="}
 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1595957694169758,"flow_dst_last_pkt_time":1595957694175849,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1595957694175849,"pkt":"mt9Y+uvcCL6sCxduCABFAAA8AABAAFUGGKtFq\/oUwKgMqQG7tFDMBUIi8UlDuaASbHAk8gAAAgQFeAQCCAqwcikLdwhf+gEDAwg="}
@@ -7,7 +7,7 @@
 01249{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694175849,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":381,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":381,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1595957694181636,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.FacebookMessenger","proto_id":"91.157","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"edge-mqtt.facebook.com","domainame":"edge-mqtt.facebook.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t00d0309h2_55b375c5d22e_2d3f7b9fe3d5","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,h2-fb","tls_supported_versions":"TLSv1.3,TLSv1.3 (Fizz)","blocks":0}}}
 00837{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694188758,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":282,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":282,"pkt_l4_len":248,"thread_ts_usec":1595957694188758,"pkt":"mt9Y+uvcCL6sCxduCABFAAEMv+hAAFUGV\/JFq\/oUwKgMqQG7tFDMBUIj8UlFNoAYAHHhaAAAAQEICrByKRd3CGAFFgMDAIACAAB8AwPUEITn7mCrvulT\/NdcXKN5KijcI4g9k3CK2XQ772s3WyCYle6z8aZolVAW\/WsVOAFFqAocCpVZly96\/6VmRt6unBMBAAA0ACsAAvsaADMAJAAdACAO0nP6nc6Qo9rpWYhM5FN2IQ7onG5IGH\/bMnw97GrsYgApAAIAABQDAwABARcDAwBIGZYMK775StJv8IeA6uX06XwsLuMhuuiwj099ayB3wMQVpJF0HhA8WjwU9NAQeMRhHSdrrGCE3zuMW3mj8V6sAMmDjxeKSHVB"}
 01299{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694188758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":381,"flow_dst_max_l4_payload_len":216,"flow_src_tot_l4_payload_len":381,"flow_dst_tot_l4_payload_len":216,"midstream":0,"thread_ts_usec":1595957694188758,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.FacebookMessenger","proto_id":"91.157","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"edge-mqtt.facebook.com","domainame":"edge-mqtt.facebook.com","tls": {"version":"TLSv1.3 (Fizz)","ja3s":"fcb2d4d0991292272fcb1e464eedfd43","ja4":"t00d0309h2_55b375c5d22e_2d3f7b9fe3d5","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,h2-fb","tls_supported_versions":"TLSv1.3,TLSv1.3 (Fizz)","blocks":0}}}
-00836{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":5,"packets-processed":4,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":597,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":10,"global_ts_usec":1623221441867993}
+00836{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":5,"packets-processed":4,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":597,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":10,"global_ts_usec":1623221441867993}
 00773{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221441867993,"flow_dst_last_pkt_time":1623221441867993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623221441867993,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1623221441867993,"flow_dst_last_pkt_time":1623221441867993,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623221441867993,"pkt":"pJGxgjQ5AoEfHBPlCABFAAA8opRAAEAGGajAqAH6XHpfY6OWAbs7TQBaAAAAAKAC\/\/9coQAAAgQFtAQCCAqqdeFuAAAAAAEDAwk="}
 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1623221441867993,"flow_dst_last_pkt_time":1623221441879742,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623221441879742,"pkt":"AoEfHBPlpJGxgjQ5CABFAAA8AABAADgGxDxcel9jwKgB+gG7o5aALohKO00AW6AS\/ojeuQAAAgQFtAQCCAoeqlgsqnXhbgEDAwc="}
@@ -17,7 +17,7 @@
 00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1623221441893147,"flow_dst_last_pkt_time":1623221441907431,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623221441907431,"pkt":"AoEfHBPlpJGxgjQ5CABFAAA09P1AADgGz0Zcel9jwKgB+gG7o5aALohLO00CYIAQAfoH2wAAAQEICh6qWEaqdeGJ"}
 01290{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221441893147,"flow_dst_last_pkt_time":1623221441911029,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1623221441911029,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.TikTok","proto_id":"91.49","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"vcs-va.tiktokv.com","domainame":"vcs-va.tiktokv.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1615h2_46e7e9700bed_45f260be83e2","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
 00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694188758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":381,"flow_dst_max_l4_payload_len":216,"flow_src_tot_l4_payload_len":381,"flow_dst_tot_l4_payload_len":216,"midstream":0,"thread_ts_usec":1623221442073719,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.FacebookMessenger","proto_id":"91.157","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
-00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":36,"packets-processed":35,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9095,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":2,"total-updates":0,"current-active-flows":1,"total-active-flows":2,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":20,"global_ts_usec":1623222051753416}
+00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":36,"packets-processed":35,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9095,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":2,"total-updates":0,"current-active-flows":1,"total-active-flows":2,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":20,"global_ts_usec":1623222051753416}
 00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051753416,"flow_dst_last_pkt_time":1623222051753416,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623222051753416,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1623222051753416,"flow_dst_last_pkt_time":1623222051753416,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623222051753416,"pkt":"pJGxgjQ56CrqthSFCABFAAA0YDdAAIAGW9bAqAHjNElH4sOXAbv6yL58AAAAAIAC+vC20AAAAgQFtAEDAwgBAQQC"}
 00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1623222051753416,"flow_dst_last_pkt_time":1623222051852336,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623222051852336,"pkt":"6CrqthSFpJGxgjQ5CABFAAA0AABAAOkGUw00SUfiwKgB4wG7w5czz+y6+si+fYASaQMoIwAAAgQFtAEBBAIBAwMI"}
@@ -28,7 +28,7 @@
 01328{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051957659,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1623222051957659,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"presence.fuze.com","domainame":"presence.fuze.com","tls": {"version":"TLSv1.2","ja3s":"8d2a028aa94425f76ced7826b1f39039","ja4":"t13d1515h2_8daaf6152771_de4a06bb82e3","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
 01552{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051957659,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5281,"midstream":0,"thread_ts_usec":1623222051957659,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"presence.fuze.com","domainame":"presence.fuze.com","tls": {"version":"TLSv1.2","server_names":"*.presence.fuze.com,presence.fuze.com","ja3s":"8d2a028aa94425f76ced7826b1f39039","ja4":"t13d1515h2_8daaf6152771_de4a06bb82e3","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=US, O=Amazon, OU=Server CA 1B, CN=Amazon","subjectDN":"CN=*.presence.fuze.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","fingerprint":"B4:E1:85:91:CD:36:0A:89:7B:6F:A0:C1:11:B5:A5:29:CE:05:13:79","blocks":0}}}
 00978{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":15,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221458497766,"flow_dst_last_pkt_time":1623221458494846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1024,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":2486,"flow_dst_tot_l4_payload_len":6012,"midstream":0,"thread_ts_usec":1623222052202072,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.TikTok","proto_id":"91.49","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
-00841{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":67,"packets-processed":66,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":4,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1623223595952198}
+00841{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":67,"packets-processed":66,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":4,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1623223595952198}
 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223595952198,"flow_dst_last_pkt_time":1623223595952198,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623223595952198,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1623223595952198,"flow_dst_last_pkt_time":1623223595952198,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623223595952198,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8ZBhAAEAGCeXAqAGAW8au0MW8AbvaIBcHAAAAAKAC+vC78AAAAgQFtAQCCAq86k7VAAAAAAEDAwc="}
 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1623223595952198,"flow_dst_last_pkt_time":1623223595999034,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623223595999034,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADEGfP1bxq7QwKgBgAG7xbxrNtsg2iAXCKASqbDzDgAAAgQFnAQCCAoXn7wwvOpO1QEDAwk="}
@@ -39,7 +39,7 @@
 01270{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223596004515,"flow_dst_last_pkt_time":1623223596052201,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1623223596052201,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"upload.wikimedia.org","domainame":"upload.wikimedia.org","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1815h2_e8a523a41297_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 02132{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223596109406,"flow_dst_last_pkt_time":1623223596108936,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":1036,"flow_dst_tot_l4_payload_len":16479,"midstream":0,"thread_ts_usec":1623223596109406,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":10127.3,"max":52937,"stddev":19772.5,"var":390950848.0,"ent":2.8,"data": [46836,50076,2241,52937,230,0,0,0,52220,0,0,0,1478,638,2420,52443,0,779,3077,0,237,0,0,0,0,0,199,47900,0,0,235]},"pktlen": {"min":52,"avg":599.8,"max":1500,"stddev":646.4,"var":417856.7,"ent":4.1,"data": [60,60,52,569,52,1500,1500,1252,152,52,52,52,52,132,222,290,355,95,83,1500,1500,1500,1500,1500,1500,1500,1500,374,52,52,52,83]},"bins": {"c_to_s": [10,0,1,0,0,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [3,1,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,10,0,0]},"directions": [0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0],"entropies": [4.713301182,5.220872402,5.008629799,5.408417225,5.079967022,7.845353127,7.893048763,7.841969490,6.480354786,5.047091007,5.047091484,5.085552692,5.085553169,6.254513264,6.947219372,7.136369228,7.362440109,5.997154236,5.666953564,7.893563271,7.867501259,7.878776073,7.865104198,7.874600887,7.869311810,7.861063480,7.860395432,7.425109863,5.085552692,5.047091007,5.085552692,5.564384460]},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
 00980{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":17,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222112086485,"flow_dst_last_pkt_time":1623222112185361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":965,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2226,"flow_dst_tot_l4_payload_len":6554,"midstream":0,"thread_ts_usec":1623223596203292,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
-00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":119,"packets-processed":118,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":35609,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":5,"total-updates":0,"current-active-flows":1,"total-active-flows":4,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":42,"global_ts_usec":1623226283573712}
+00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":119,"packets-processed":118,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":35609,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":5,"total-updates":0,"current-active-flows":1,"total-active-flows":4,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":42,"global_ts_usec":1623226283573712}
 00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226283573712,"flow_dst_last_pkt_time":1623226283573712,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623226283573712,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1623226283573712,"flow_dst_last_pkt_time":1623226283573712,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623226283573712,"pkt":"pJGxgjQ5AoEfHBPlCABFAAA8M5RAAEAGJgDAqAH6LVLxM5vSAFAXgCu+AAAAAKAC\/\/9tawAAAgQFtAQCCAolvfRMAAAAAAEDAwk="}
 00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1623226283573712,"flow_dst_last_pkt_time":1623226283601626,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623226283601626,"pkt":"AoEfHBPlpJGxgjQ5CABFAAA0AABAADMGZpwtUvEzwKgB+gBQm9LNImc9F4Arv4ASchAIQAAAAgQFeAEBBAIBAwMK"}
@@ -49,7 +49,7 @@
 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":5,"flow_src_last_pkt_time":1623226283612303,"flow_dst_last_pkt_time":1623226283640806,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1623226283640806,"pkt":"AoEfHBPlpJGxgjQ5CABFAAAox9pAADMGns0tUvEzwKgB+gBQm9LNImc+F4AsfVAQAB66DQAAAAAAAAAA"}
 02180{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226284678348,"flow_dst_last_pkt_time":1623226284677149,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":190,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":380,"flow_dst_tot_l4_payload_len":18862,"midstream":0,"thread_ts_usec":1623226284678348,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":71228.2,"max":1031142,"stddev":245139.1,"var":60093177856.0,"ent":1.6,"data": [27914,29082,9509,39180,2950,0,249,0,0,0,0,59912,0,307,0,0,304,0,974261,1031142,0,0,0,29550,491,2002,0,490,0,730,0]},"pktlen": {"min":46,"avg":645.1,"max":1500,"stddev":701.2,"var":491744.0,"ent":4.0,"data": [60,52,46,230,46,1500,1500,1500,1500,1500,1500,1382,46,46,46,46,46,46,46,230,1500,1500,1500,1500,46,46,1500,1500,46,46,46,46]},"bins": {"c_to_s": [15,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,12,0,0]},"directions": [0,1,0,0,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,1,1,1,1,0,0,1,1,0,0,0,0],"entropies": [4.650921822,4.854286671,4.347350597,5.690956593,4.347350597,7.663578510,7.860166073,7.846680641,7.877070427,7.858085155,7.884421825,7.865271091,4.347350597,4.303872585,4.260394573,4.303872585,4.303872585,4.347350597,4.347350597,5.731587410,7.670816898,7.866776943,7.851586819,7.865674973,4.303872585,4.303872108,7.855195045,7.870656013,4.303872585,4.260394096,4.303872108,4.303872585]},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Likee","proto_id":"7.261","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"videosnap.like.video"}}
 01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":28,"flow_dst_packets_processed":24,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223766553269,"flow_dst_last_pkt_time":1623223766548680,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":1177,"flow_dst_tot_l4_payload_len":16557,"midstream":0,"thread_ts_usec":1623226286427901,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"upload.wikimedia.org"}}
-00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":231,"packets-processed":230,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":108050,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":5,"total-updates":0,"current-active-flows":1,"total-active-flows":5,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":52,"global_ts_usec":1631088115362469}
+00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":231,"packets-processed":230,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":108050,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":5,"total-updates":0,"current-active-flows":1,"total-active-flows":5,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":52,"global_ts_usec":1631088115362469}
 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115362469,"flow_dst_last_pkt_time":1631088115362469,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1631088115362469,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1631088115362469,"flow_dst_last_pkt_time":1631088115362469,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1631088115362469,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8aylAAEAG8xTAqAGAx+hSbbaEAbsR7WhdAAAAAKAC+vCzrwAAAgQFtAQCCAqzLdcpAAAAAAEDAwc="}
 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1631088115362469,"flow_dst_last_pkt_time":1631088115376274,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1631088115376274,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADQGaj7H6FJtwKgBgAG7toQ\/rdv6Ee1oXqAS\/\/\/HZwAAAgQFTAQCCApg6mr7sy3XKQEDAwk="}
@@ -60,7 +60,7 @@
 01320{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115376494,"flow_dst_last_pkt_time":1631088115392643,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1344,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1344,"midstream":0,"thread_ts_usec":1631088115392643,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"f.vimeocdn.com","domainame":"f.vimeocdn.com","tls": {"version":"TLSv1.2","ja3s":"16c0b3e6a7b8173c16d944cfeaeee9cf","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
 01537{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115392667,"flow_dst_last_pkt_time":1631088115392674,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1344,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4032,"midstream":0,"thread_ts_usec":1631088115392674,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"f.vimeocdn.com","domainame":"f.vimeocdn.com","tls": {"version":"TLSv1.2","server_names":"*.vimeocdn.com","ja3s":"16c0b3e6a7b8173c16d944cfeaeee9cf","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020","subjectDN":"CN=*.vimeocdn.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","fingerprint":"3A:0F:CF:EC:3C:13:25:E2:E1:4D:C6:52:A6:4D:8D:96:10:1E:8E:37","blocks":0}}}
 01015{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":58,"flow_dst_packets_processed":54,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226466507324,"flow_dst_last_pkt_time":1623226466414542,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":190,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":950,"flow_dst_tot_l4_payload_len":71491,"midstream":0,"thread_ts_usec":1631088115406479,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Likee","proto_id":"7.261","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"videosnap.like.video"}}
-00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":256,"packets-processed":255,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":113664,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":7,"total-updates":0,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":63,"global_ts_usec":1637349011376367}
+00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":256,"packets-processed":255,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":113664,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":7,"total-updates":0,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":63,"global_ts_usec":1637349011376367}
 00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011376367,"flow_dst_last_pkt_time":1637349011376367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1637349011376367,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1637349011376367,"flow_dst_last_pkt_time":1637349011376367,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1637349011376367,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8TGJAAEAGkyTAqAGAj8wJQb8WAbs5hVBVAAAAAKAC+vA+\/wAAAgQFtAQCCAoHfmCrAAAAAAEDAww="}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":1637349011376367,"flow_dst_last_pkt_time":1637349011393884,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1637349011393884,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8T5MAAPMGHPOPzAlBwKgBgAG7vxa2dgKJOYVQVqASBZSQpgAAAgQFoAQCCArIQyJ4B35gqwEDAwk="}
@@ -70,7 +70,7 @@
 01248{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011396134,"flow_dst_last_pkt_time":1637349011393908,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1637349011396134,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.DisneyPlus","proto_id":"91.71","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"prod-static.disney-plus.net","domainame":"prod-static.disney-plus.net","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 01293{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011396134,"flow_dst_last_pkt_time":1637349011405023,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1637349011405023,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.DisneyPlus","proto_id":"91.71","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"prod-static.disney-plus.net","domainame":"prod-static.disney-plus.net","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 00976{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":12,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088168165179,"flow_dst_last_pkt_time":1631088168165177,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1344,"flow_src_tot_l4_payload_len":610,"flow_dst_tot_l4_payload_len":5004,"midstream":0,"thread_ts_usec":1637349011425927,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
-00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":285,"packets-processed":284,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":121431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":7,"total-detection-updates":8,"total-updates":0,"current-active-flows":1,"total-active-flows":7,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":73,"global_ts_usec":1642584017659993}
+00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":285,"packets-processed":284,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":121431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":7,"total-detection-updates":8,"total-updates":0,"current-active-flows":1,"total-active-flows":7,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":73,"global_ts_usec":1642584017659993}
 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584017659993,"flow_dst_last_pkt_time":1642584017659993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1642584017659993,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":1642584017659993,"flow_dst_last_pkt_time":1642584017659993,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1642584017659993,"pkt":"CL6sCxdumt9Y+uvcCABFAAA8EtFAAEAG2zrAqAypFwxoU5lQAbvzO0RFAAAAAKAC\/\/9KaQAAAgQFtAQCCApYVYYCAAAAAAEDAwk="}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_src_last_pkt_time":1642584017659993,"flow_dst_last_pkt_time":1642584017680129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1642584017680129,"pkt":"mt9Y+uvcCL6sCxduCABFAAA8AABAADcG9wsXDGhTwKgMqQG7mVB1nT8a8ztERqAS\/ojzIwAAAgQFtAQCCAqw3vMWWFWGAgEDAwc="}
@@ -80,12 +80,12 @@
 00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":5,"flow_src_last_pkt_time":1642584017683650,"flow_dst_last_pkt_time":1642584017706128,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1642584017706128,"pkt":"mt9Y+uvcCL6sCxduCABFAAA0SOBAADcGrjMXDGhTwKgMqQG7mVB1nT8b8ztGS4AQAfocSAAAAQEICrDe8zFYVYYZ"}
 01280{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584017683650,"flow_dst_last_pkt_time":1642584017706175,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1642584017706175,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AccuWeather","proto_id":"91.280","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":5,"category":"Web","hostname":"api.accuweather.com","domainame":"api.accuweather.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1713ht_5b57614c22b0_eca864cca44a","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
 00982{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":14,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011425914,"flow_dst_last_pkt_time":1637349011425927,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":792,"flow_dst_tot_l4_payload_len":6975,"midstream":0,"thread_ts_usec":1642584019409362,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.DisneyPlus","proto_id":"91.71","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
-00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":315,"packets-processed":314,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":128021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":8,"total-detection-updates":9,"total-updates":0,"current-active-flows":1,"total-active-flows":8,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":83,"global_ts_usec":1643355518166568}
+00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":315,"packets-processed":314,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":128021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":8,"total-detection-updates":9,"total-updates":0,"current-active-flows":1,"total-active-flows":8,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":83,"global_ts_usec":1643355518166568}
 00784{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1643355518166568,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1250,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1250,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1250,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1643355518166568,"l3_proto":"ip4","src_ip":"192.168.1.123","dst_ip":"216.58.209.46","src_port":59102,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 02217{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1292,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1292,"pkt_l4_len":1258,"thread_ts_usec":1643355518166568,"pkt":"pJGxgjQ5SKRyNpegCABFAAT+PElAAIARThnAqAF72DrRLubeAbsE6urRwAAAAAEIZ7HskbOWr9QAAETQNKtjIjiCXCI+9vqBWPy31G7jDH4RlwYv0XhaWuj0UrdcSVWZIrVwzwDrJa8dEWOeUvaAw7BXeYev6bi8Nu9Z4LWOvt0+XPgNkeHB6PvaZ9N4cpB1UIRx6byg5QljaxCkgdia5\/WZz2yX\/TayWJG0egLwFK4DYqDDADilA59ewmPTSu6+F3\/EVfKw86o2Yio5HeQqtUOtEdw6pRwxBehgjTrZf0PMuk40XDPug94YB\/sEApD8Ghq1zUUVofn\/jZoji68n+CZ74BkmZ8LSaemosx3Vm7YV3yQUauQU4lBHNM2XdkooJSDGv9YINXu8hmpHdW\/1encLGdPSyOJC8itWve1maDbUaMRhrbQrpaAPeVfgND5alDCN2DMGvFe3nB6Pz2LOpDsj\/3ZN3caT5Nt0nSv8HN+DYWZc+2JmBlBY71FJ57bmTqruFnoZ\/GjM0BGxB5WlpJ0M3zE3M16k0p8WRYGK3bOkXFB5rtEix709VUri+WnB1ivvzP4A8iO977JvKVGlPddOYZ4k7qZne6v\/jb1y0P5AatOM7YYIeRI7u8jf\/xM8RY8UTL\/Pv+EQzBcgac+DyXJSt\/sJo+Uuz0dGCYpa4Aa01DbWUiA5x+j4g5WT5LGdKrytMkGgkIcVSlNAt4nWOQc2IroqJjfmf+NbusGe\/Gviz5jV93bOaTFv7sGyuvESP0iH2MD2mwPgizF6t5EabtXWaevGbit0evQ9O3bHeRpQwTlwh0hRD7WqrIf0Wri9spAJN53856UKZFRupvrVqTH40ht5wGl2g3HXmJvEKnWBsD1hEB3sacVd4lWjKim62JMTY6yUmMhRBlNu2AupnyFsChUJ1NgsRbg5cQPowXRIBVG8WcjCs7OHKUH\/zza5xjXEz1FrdKQASDLCvFyh9YUzlRmDx7d99nX5vf9AwJejikY1uel\/yRMHcT9IqYO0kZBeGiX2ZDJD7vD1sF+05Qq++ztAL3CTqhuU\/7KSbWKiGOoFGj9phj6fZiE+g9e7+HIVuvPAKr+aSbxS71gHelt+hKMcDj7jdDFk5P6TqQdUXfqrnN38RDusNZmvWB+23Sj9NvIjlpua1MtXRWVJaLY5mX9AL1kTENCHtxomZwiXSqkSWtzS8dZocOlqjfWrd2hnw5yl8b7T0843OsmN6ZOoho4X9bhFw\/52C+NFDBAC42\/6jsH2i4NdbJBqOAuf4tLWi3oaJ\/0r5Y0wWyVnBbFtq1sx6d6EHxqir52O50dkkD8SF7j+wGSCG2L1l5bcQGnAqpzpZNB8AgofMTbrgYgdYIyrh\/neffOlCQyXy2EgLb\/xWEt+QftF8p5n2FzevDADqTCGGVeWULgrEsb\/3qULNf4uZHaY4HBD6To7yTuITvaXdqFt30MJBKnhBexi0dhA\/MGpMyVJfR\/PhbhWZmiNdx\/LRAV2Semg\/nPWe+DzSBBXm7wJXZiE\/8ewkRVdkujJi\/QhXAX0aOL76X77YYeny\/V35WiIqUmuxRHrBRdP5AMMQo\/adJoX4bzVdEvw3cGw7\/\/hO2VzwL5m0trABzWAWdjRjsrTEu\/mWAVCZDP5\/peoG8YXeXsdHWwpRLyNJpzOlRz5aND24Jgn5x2v3PqoD5RBiIEHwD8jlV2fRCZXq1e7tPV6eLhSI74="}
 01262{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1643355518166568,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1250,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1250,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1250,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1643355518166568,"l3_proto":"ip4","src_ip":"192.168.1.123","dst_ip":"216.58.209.46","src_port":59102,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.GoogleClassroom","proto_id":"188.281","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative","hostname":"classroom.google.com","domainame":"classroom.google.com","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0310h0_55b375c5d22e_cd85d2d88918","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
 00974{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":14,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584019409362,"flow_dst_last_pkt_time":1642584019407774,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":924,"flow_dst_tot_l4_payload_len":5666,"midstream":0,"thread_ts_usec":1643355518166568,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AccuWeather","proto_id":"91.280","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":5,"category":"Web"}}
-00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":316,"packets-processed":315,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":129271,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":9,"total-updates":0,"current-active-flows":1,"total-active-flows":9,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":88,"global_ts_usec":1646482623895784}
+00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":316,"packets-processed":315,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":129271,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":9,"total-updates":0,"current-active-flows":1,"total-active-flows":9,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":88,"global_ts_usec":1646482623895784}
 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482623895784,"flow_src_last_pkt_time":1646482623895784,"flow_dst_last_pkt_time":1646482623895784,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482623895784,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"31.222.67.112","src_port":35054,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":1646482623895784,"flow_dst_last_pkt_time":1646482623895784,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482623895784,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8U5dAAEAGwa7AqAGAH95DcIjuAbuZU7+5AAAAAKAC+vB+rAAAAgQFtAQCCAqYsCyFAAAAAAEDAwc="}
 00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":2,"flow_src_last_pkt_time":1646482623895784,"flow_dst_last_pkt_time":1646482623937401,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646482623937401,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0AABAADIGI04f3kNwwKgBgAG7iO5SHRbemVO\/uoASa9CRawAAAgQFUAEBBAIBAwMH"}
@@ -250,7 +250,7 @@
 02490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":4,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012821762,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646483012821762,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXch65AAOYGfOEoYaACwKgBgAG7m5Tksd5e67EgM1AQCAPV9wAAFgMDEU4CAABZAwNiI1ZE1H27b6T6JRvCm\/MD0luKFyMTDe3jrQbpiHy4ICC5MgAADb+Tw4RbiKuNvdQaqUF3iqCf4+0IdypYCofcN8AwAAARAAUAAAAjAAAAFwAA\/wEAAQALAA2dAA2aAAiqMIIIpjCCB46gAwIBAgIQBlZfm2qDLxvIgJ9OV3KS5zANBgkqhkiG9w0BAQsFADBLMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSUwIwYDVQQDExxEaWdpQ2VydCBDbG91ZCBTZXJ2aWNlcyBDQS0xMB4XDTIxMTIyMjAwMDAwMFoXDTIyMTIyMjIzNTk1OVowajELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEUMBIGA1UEAxMLb3V0bG9vay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB9wlkgtAgWRPrtQjN+hjPY9n1E5BhRmtLNo5GgPTzKcmU9tJGqc3zsJF3xgbCIc1AB8dt7DonJfZNasePo6d0IRrMqsbrNLn0GUGS9qjY3dLxV51XQ61Sd9T5EQIE\/XwKZh3BtIehwUH0rE3omOA9+auyHPSNQb+BS4A5N6ZgG9TmdvEIgWfY9f1Id2M+DUxfatVW0Jp89Wvw8GBDfyzllLm0\/EDzmv3rk1vx4MWpb91yl2TwrYu1EMiyNNtVWRMGhTp1gkz5aMgVZO6TpdbLjcEUMxNrBEfUptVSqyzS++eERCA14Kg2rdfoONwwYHx3GIbJwcFbAJhsLXa\/I7dxAgMBAAGjggVlMIIFYTAfBgNVHSMEGDAWgBTdUdCiMXOpc66PtAF+XYxXy5\/w9zAdBgNVHQ4EFgQU3Odtv0FtIj23r9K5dpo4sXI2NS8wggIQBgNVHREEggIHMIICA4IWKi5pbnRlcm5hbC5vdXRsb29rLmNvbYINKi5vdXRsb29rLmNvbYILb3V0bG9vay5jb22CDW9mZmljZTM2NS5jb22CDyoub2ZmaWNlMzY1LmNvbYIXKi5vdXRsb29rLm9mZmljZTM2NS5jb22CDCoub2ZmaWNlLmNvbYISb3V0bG9vay5vZmZpY2UuY29tghRzdWJzdHJhdGUub2ZmaWNlLmNvbYIbYXR0YWNobWVudC5vdXRsb29rLmxpdmUubmV0gh1hdHRhY2htZW50Lm91dGxvb2sub2ZmaWNlLm5ldIIgYXR0YWNobWVudC5vdXRsb29rLm9mZmljZXBwZS5uZXSCFmF0dGFjaG1lbnRzLm9mZmljZS5uZXSCFiouY2xvLmZvb3RwcmludGRucy5jb22CFioubnJiLmZvb3RwcmludGRucy5jb22CHWNjcy5sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tgiFjY3Mtc2RmLmxvZ2luLm1pY3Jvc29mdG9ubGluZS5jb22CGHN1YnN0cmF0ZS1zZGYub2ZmaWNlLmNvbYIaYXR0YWNobWVudHMtc2RmLm9mZmljZS5uZXSCCioubGl2ZS5jb22CFm1haWwuc2VydmljZXMubGl2ZS5jb22CC2hvdG1haWwuY29tgg0qLmhvdG1haWwuY29tMA4GA1UdDwEB\/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgY0GA1UdHwSBhTCBgjA\/oD2gO4Y5aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0Q2xvdWRTZXJ2aWNlc0NBLTEtZzEuY3JsMD+gPaA7hjlodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRDbG91ZFNlcnZpY2VzQ0EtMS1nMS5jcmw="}
 02505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":5,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012821837,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646483012821837,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXch69AAOYGfOAoYaACwKgBgAG7m5TkseQS67EgM1AQCAPVywAAMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB8BggrBgEFBQcBAQRwMG4wJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NweC5kaWdpY2VydC5jb20wRQYIKwYBBQUHMAKGOWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydENsb3VkU2VydmljZXNDQS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAX3fdqGRAAAEAwBHMEUCIG19vZQ3ztPNq5S85GBThQ4+TBDHFxFC0nXZ4LXpUu3rAiEA8+M15TzZmOUopQftFbHUpCuDhU09pI7ZIoZ4rqlvzwYAdwBRo7D1\/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAX3fdqIKAAAEAwBIMEYCIQCCt\/CWyrB3z5L9JJQqtKhuKwSHXVPO\/nIzLQIRvE8QSAIhALAUu2+684sYBmTAWbK9qLsoHMJRLVDtf7PKkkuPEhCsAHUAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF933aiIAAABAMARjBEAiAmY6DHSC0PRZfjQURv9gfH7XNEvLtjnimdIZ9DL1pP\/wIgEm240\/6jgHbB2vouW4klCYLhx1mBUl2EGyo40QGnLN8wDQYJKoZIhvcNAQELBQADggEBAKs0Do0f0D7XJa8EwMbjj8gm+KWD\/Y615EL0mYouOSdmvSw1h3kWcf3Z3gP9p7LPMTiWc9WgaATbbQQyCdIiD4lE+y\/Hgw+bok2WmRbY6mYbpvHNrk5MrGqzAuJQP6PKt3aBz7PPYPmXPTacuSVPid0KRE9WekJR9Qbk7uWzQ9sUrU4qL0vpapgXTftedAVBzNTW+x6T9ZQXCGPbPWrvcN8p2WRUpvQPorVZ+8K6hKQ74Unfe858rN6lgFCEo0o1k\/W4HSPYM\/GX2BRkg5zPfLO7nMgTuWoOm6j0aPk8QFiDRXKTGIlkTm3CU1U8PU5zGVtJrxLepFiwH8haosDkiUMABOowggTmMIIDzqADAgECAhAPFxpIxvIjgJIYzS7W3cDoMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMB4XDTIwMDkyNTAwMDAwMFoXDTMwMDkyNDIzNTk1OVowSzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzElMCMGA1UEAxMcRGlnaUNlcnQgQ2xvdWQgU2VydmljZXMgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGt9ocUeVQnV8cvBWg8mzzNZ+xFECyE8qRHxNlTQkUJu+T+M8HXvEYv0Yvmt7VneHxqcL79uOW2VM9MXqy4InRzVSkIc8hk99CVCQ55g1C\/X\/XUzJtCYY6ABLlBqs5OEpmbrNbFvlsCc7UWpKtxYtSY6kA5hab2uy\/o54fCi\/acMs3s+D6\/ied0I4JL2uq\/c6YlPP2\/qeVo\/\/gwomDHOy6j88V\/Ozv9DzGhfHQP0L8UxL1o8aXna6ffmwB+RiVO5ugT8\/YGx9RvCycgQl1hvD9g0nyWcsl8sIv\/+UgFUwT6Iq+3zVFdbd2QdAPwM0\/0x8A+VkZHr3Mgi9x6PqPyXf8CAwEAAaOCAa4wggGqMB0GA1UdDgQWBBTdUdCiMXOpc66PtAF+XYxXy5\/w9zAfBgM="}
 02010{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646483012464918,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012821897,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4435,"midstream":0,"thread_ts_usec":1646483012821897,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"40.97.160.2","src_port":39828,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Outlook","proto_id":"91.21","proto_by_ip":"Outlook","proto_by_ip_id":21,"encrypted":1,"breed":"Acceptable","category_id":3,"category":"Email","hostname":"outlook.com","domainame":"outlook.com","tls": {"version":"TLSv1.2","server_names":"*.internal.outlook.com,*.outlook.com,outlook.com,office365.com,*.office365.com,*.outlook.office365.com,*.office.com,outlook.office.com,substrate.office.com,attachment.outlook.live.net,attachment.outlook.office.net,attachment.outlook.officeppe.net,attachments.office.net,*.clo.footprintdns.com,*.nrb.footprintdns.com,ccs.login.microsoftonline.com,ccs-sdf.login.microsoftonline.com,substrate-sdf.office.com,attachments-sdf.office.net,*.live.com,mail.services.live.com,hotmail.com,*.hotmail.com","ja3s":"71d9ce75f347e6cf54268d7114ae6925","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1","subjectDN":"C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"4E:39:B4:13:4B:8C:77:57:7D:80:3D:76:40:E8:88:22:05:00:1C:58","blocks":0}}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":434,"packets-processed":433,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":185341,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":29,"total-detection-updates":32,"total-updates":0,"current-active-flows":24,"total-active-flows":33,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":253,"global_ts_usec":1646495488872237}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":434,"packets-processed":433,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":185341,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":29,"total-detection-updates":32,"total-updates":0,"current-active-flows":24,"total-active-flows":33,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":253,"global_ts_usec":1646495488872237}
 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495488872237,"flow_src_last_pkt_time":1646495488872237,"flow_dst_last_pkt_time":1646495488872237,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488872237,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"15.160.39.187","src_port":45898,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":1646495488872237,"flow_dst_last_pkt_time":1646495488872237,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495488872237,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8\/MhAAEAGRHDAqAGAD6Anu7NKAbvmP22QAAAAAKAC+vBpUQAAAgQFtAQCCAoE\/txmAAAAAAEDAwc="}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_packet_id":2,"flow_src_last_pkt_time":1646495488872237,"flow_dst_last_pkt_time":1646495488880478,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495488880478,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADIGTzkPoCe7wKgBgAG7s0optQbo5j9tkaAS9LPzBQAAAgQFtAQCCAoEQEeaBP7cZgEDAwc="}
@@ -290,10 +290,10 @@
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":1646495650748124,"flow_dst_last_pkt_time":1646495650748124,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495650748124,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8GIFAAEAGaR3AqAGANHHChOIWAbvSHIRRAAAAAKAC+vCUIQAAAgQFtAQCCApnoF3vAAAAAAEDAwc="}
 00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":2,"flow_src_last_pkt_time":1646495650748124,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495650768253,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0H0NAAHQGLmM0ccKEwKgBgAG74hatJvO00hyEUoAS\/\/\/a2QAAAgQFoAEDAwgBAQQC"}
 01229{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":3,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495650768482,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItGINAAEAGZyrAqAGANHHChOIWAbvSHIRSrSbztVAYAfbGZQAAFgMBAgABAAH8AwO6eoC9IxGTkdV9vVeJGWk4znzi7kZuVq2WW+Nl\/2Sg0SCU+jy21h8ySE7r\/PfMeW\/+6AejiqSkX1JQLDj\/qy1dewAgSkoTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTCgoAAAAAABUAEwAAEHRlYW1zLm9mZmljZS5jb20AFwAA\/wEAAQAACgAKAAjKygAdABcAGAALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAADQASABAEAwgEBAEFAwgFBQEIBgYBABIAAAAzACsAKcrKAAEAAB0AIP361tTnT+5yNMG5uzlpGoadVy4F1\/ksgWxYfkq0hvgPAC0AAgEBACsABwYaGgMEAwMAGwADAgACRGkABQADAmgyWloAAQAAFQDHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-01233{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495650768482,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Teams","proto_id":"91.250","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative","hostname":"teams.office.com","domainame":"teams.office.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
+01246{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495650768482,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft365","proto_id":"91.219","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Acceptable","category_id":15,"category":"Collaborative","hostname":"teams.office.com","domainame":"teams.office.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
 02497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":4,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804279,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495650804279,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcH0VAAHUGJ7k0ccKEwKgBgAG74hatJvO10hyGV1AQBACfWAAAFgMDD1ECAABiAwNiI4ei5YRNuy2OmywGACayueg1qbPXmXIcqQLyEbh0kSDMNgAAahCvQqRJprL3QEMn2EkfKvJsk5Uz6nFmODR83sAwAAAaACMAAAAQAAUAAwJoMgAXAAD\/AQABAAAAAAALAA12AA1zAAgPMIIICzCCBfOgAwIBAgITEgAX5vHA305TdHMSCwAAABfm8TANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMTAeFw0yMTA5MDYyMjAyMDZaFw0yMjA5MDYyMjAyMDZaMBsxGTAXBgNVBAMTEHRlYW1zLm9mZmljZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZHV5h+NwsEBtaHtLKXJoP1ZQRHJt1aJ7UJXi0Nyg42Oq7rqdS9q50qaMOj8mjtDcBLe9a5nJdUTe5\/A83BRTsm+E936LxK\/HNHW8w1Nr62DgoG4pekVGA9CDOo3AGRtgan\/rbV8hCm2Uw+h19AxObusrWRf3oUegIrqXRr58ZAnq5sK69oKyLr5HvLtWPaArXeCmDrEzy7j1Y6RcgYdFlyC9jL8l8neIhu\/KaUiLODUqdwAxaNeINhwK8SfIQfziFO0BosI7RBicovG7geMHuhyNMMr0LDo\/Xq5kQ5h\/NdK\/+WWh4Ht4XsXJYns0PTxExCdY3QHLFxuZJw3SO47NBAgMBAAGjggQSMIIEDjCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcARqVV63X6kSAwtaKJafTzfREsQXS+\/Um4havy\/HD+bUcAAAF7vSs+5QAABAMASDBGAiEAonjfpBbSm3nHRZAbEfpncC3C5RzBbegUTYwBhoou1EsCIQCelUHtsbLdVgFYlsDftjojF\/hac9xApX58m5SH8+g5WQB2AFGjsPX9AXmcVm24N3iPDKR6zBsny\/eeiEKaDf7UiwXlAAABe70rProAAAQDAEcwRQIhANjQ3Fm5YD7ZKfIAkpLsGDcsq6sa8kYYvJc3USn3qMIlAiBT+tQvO5yR88ii\/dtdnt69nKOpLD2xAANcDUfS0t9WcwB2ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABe70rPp4AAAQDAEcwRQIhAJxP7ULGZ4kEuWGuTDMFNy1qboWh6IxtqNIco0Xn78syAiBxYJ4OPQkUcuezv1Ad1XdydanXi4j+lfe+ayssk92anzAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMBMAoGCCsGAQUFBwMCMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD7tkBgsmFG4G1nmGF9OtggV2Fho5Bh8KYUAIBZAIBJzCBhwYIKwYBBQUHAQEEezB5MFMGCCsGAQUFBzAChkdodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAxLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTAdBgNVHQ4EFgQUh855pDsSg4T3Ruw4gLdcAilfT\/swDgYDVR0PAQH\/BAQDAgSwMBsGA1UdEQQUMBKCEHRlYW1zLm9mZmljZS5jb20wgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIZNaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcmyGS2h0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC8="}
 02506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":5,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804323,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495650804323,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcH0ZAAHUGJ7g0ccKEwKgBgAG74hatJvlp0hyGV1AQBAB1BAAATWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcmwwVwYDVR0gBFAwTjBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMAgGBmeBDAECATAfBgNVHSMEGDAWgBS1dgwwEc7HkkJNTMdcLMipDOgLZDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBABuhwOU31koi5iKg9Q\/epQv9qBrE4Ltx8oVqrgYBKx4NnBjFi1xsPcTSZqNm0Nc+Gw5+PBUVzqYxMT8680kRWaFOS06XLASEY\/amlybn4b\/hxyklpXHbiJoQQhERkyT9vZjwRnFbiHS0DVMifhsugt0\/9di59YclEiclB3NQ7Wan13Bf9rqNkCsETRZCv9atvi0Ek9O3vxaDAOPToOs5FEQ93fgmyUe5q9H26VKbI2Iet8RyIgeEENOW9gtEMLTVmeFAZWKrwzh7Ullh0joA6eTTZOBllDVv8VivhxSZ3k781FuCYxMcZQvaXJo1RuiMCto7iZsF0zihXdnQIrEPFLUQAjzUJhyKtdv7zYw0tpfrlJeNkPIHsqcUqL8kezdGuCGyjXSgiB0H3fvHzOfg6gyZlYneoXdGGNnH4vNOvWAA1PdFPX1AR6a0hVY8T4t5Qlpwh3XY6IsCqvNFnkrZJ4MXuNhuYjrCPYvZ\/vbYQgEs7J\/rBmgiWcHaav7NICHOj8OW+m9O97A2NbUX\/BDbDkSh\/z8ZUv\/eD0QxNWhIjizJYm\/wpgcOBI+U4SMREYmxiJC6q5kOPzdBENNvGECbAkLE97X+k+RqZBSLBzioT3VFYeJMqvTRtHQpJGMVYHIq2hCf4oV8hBgPu3\/Joywosj1FMvOsl\/tDInVTb31fpWhxAAVeMIIFWjCCBEKgAwIBAgIQDxSWXyAgaZlP1ceseIlB4jANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDcyMTIzMDAwMFoXDTI0MTAwODA3MDAwMFowTzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXTWljcm9zb2Z0IFJTQSBUTFMgQ0EgMDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqYnfPmmOyBoTzkDb0mfMUUavqlQo7Rgb9EUEf\/lsGWMk4bgj8T0RIzTqk970eouKVuL5RIMW\/snBjXXgMQ8ApzWRJCZbar879BV8rKpHoAW4uGJssnNABf2n17j9TiFy6BWy+IhVnFILyLNK+W2M3zK9gheiWa2uACKhuvgCca5Vw\/OQYErEdG7LBEzFnMzTmJcliW1iCdXby\/vI\/OxbfqkKD4zJtm45DJvC9Dh+hpzqvLMiK5uo\/+aXSJY+SqhoIEpz+rErHw+uAlKuHFtEjSeeku8eR3+Z5ND9BSqc6JtLqb0bjOHPm5dSRrgt4nnil75bjc9j3lWXpBb9PXP9Sp\/nPCK+nTQmZwHGjUnqlO9ebAVQD47ZisFonnDAmjrZNVqEXF3p7laEHrFMxttYuD81BdOzxAbL9Rb\/8MeFGQjE2Qx65qgVfhH+RsYuuD9dUw\/3wZAhq05yO6nk07AM9c+AbNtRoEcdZcLCHfMDcbkXKNs5DJncCqXAN6LhXVERCw\/usG2MmCMLSIx9\/kwt8bwhUmitOXc6fpT7SmFvRAtvxg84wUkg4Y\/Gx++0j0z6StSeN0EJz150jaHG6WV4HUqaWTb8="}
-01531{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804336,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3926,"midstream":0,"thread_ts_usec":1646495650804336,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Teams","proto_id":"91.250","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative","hostname":"teams.office.com","domainame":"teams.office.com","tls": {"version":"TLSv1.2","server_names":"teams.office.com","ja3s":"104071bf77c5f0d7bae5f17542ba9428","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01","subjectDN":"CN=teams.office.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","fingerprint":"27:20:65:85:4C:34:BF:09:F0:25:56:B8:50:A7:4D:38:8C:45:82:80","blocks":0}}}
+01544{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804336,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3926,"midstream":0,"thread_ts_usec":1646495650804336,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft365","proto_id":"91.219","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Acceptable","category_id":15,"category":"Collaborative","hostname":"teams.office.com","domainame":"teams.office.com","tls": {"version":"TLSv1.2","server_names":"teams.office.com","ja3s":"104071bf77c5f0d7bae5f17542ba9428","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01","subjectDN":"CN=teams.office.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","fingerprint":"27:20:65:85:4C:34:BF:09:F0:25:56:B8:50:A7:4D:38:8C:45:82:80","blocks":0}}}
 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495669804673,"flow_src_last_pkt_time":1646495669804673,"flow_dst_last_pkt_time":1646495669804673,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495669804673,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.185.106","src_port":33664,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_packet_id":1,"flow_src_last_pkt_time":1646495669804673,"flow_dst_last_pkt_time":1646495669804673,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495669804673,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8GxZAAEAGN4nAqAGAbIq5aoOAAbvmWe+jAAAAAKAC+vCvxQAAAgQFtAQCCAqEU9WfAAAAAAEDAwc="}
 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_src_last_pkt_time":1646495669804673,"flow_dst_last_pkt_time":1646495669812499,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495669812499,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8yYIAAPcGEhxsirlqwKgBgAG7g4CERzW35lnvpKAS\/\/\/nPAAAAgQFoAQCCArIqUDThFPVnwEDAwg="}
@@ -312,15 +312,15 @@
 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":1,"flow_src_last_pkt_time":1646495710343950,"flow_dst_last_pkt_time":1646495710343950,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495710343950,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8tchAAEAGPx\/AqAGADVF2W4FOAbtTwyfkAAAAAKAC+vBryAAAAgQFtAQCCAom4HXhAAAAAAEDAwc="}
 00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":2,"flow_src_last_pkt_time":1646495710343950,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495710376199,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0mxFAAG4GK94NUXZbwKgBgAG7gU7a1m2vU8Mn5YAS\/\/\/iBwAAAgQFoAEDAwgBAQQC"}
 01226{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495710381269,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAIttcpAAEAGPSzAqAGADVF2W4FOAbtTwyfl2tZtsFAYAfZlCgAAFgMBAgABAAH8AwMcPgJU1zrnl+hPKuEgTOmCA8DSxG0x4ZP+nrnS1ukwmSB2tLYK4RsCmYHQ+tv7RzCytXVHC3ipih0buXJEGgMzzAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAARAA8AAAxvbmVkcml2ZS5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgkhEItWzjEiug\/WBaiPCJVLwOMCFSobcq6gZ3ZM5d7hUAFwBBBKUDUTjCPdZ8Ll1S+z857hqnZsJZ3Vatea3adXIfU3XxBdTrso0nY7PLm8teDMagz\/bdRE3yXoqXxIphrdW4ROsAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-01226{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710381269,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"3":"DPI (partial)"},"proto":"TLS.Teams","proto_id":"91.250","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative","hostname":"onedrive.com","domainame":"onedrive.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
+01195{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710381269,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"onedrive.com","domainame":"onedrive.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 02490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":4,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415097,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710415097,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcmxJAAG4GJjUNUXZbwKgBgAG7gU7a1m2wU8Mp6lAQCANgpgAAFgMDFsoCAABeAwNiI4feoEoKP3I3CdJ4sDFO3BuDpC7rFmqWm4QRfpSjJiBNIgAAst+U8DPkQWm2nccVUJ2TFGizMiUJjRRWvVyIpsAwAAAWAAUAAAAQAAUAAwJoMgAXAAD\/AQABAAsADh0ADhoACLYwggiyMIIGmqADAgECAhMSABY7tDvBQMLQD1gyAAAAFju0MA0GCSqGSIb3DQEBCwUAME8xCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIDAeBgNVBAMTF01pY3Jvc29mdCBSU0EgVExTIENBIDAxMB4XDTIxMDgxMzA3MzgyNFoXDTIyMDgxMzA3MzgyNFowFzEVMBMGA1UEAxMMb25lZHJpdmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M4TKEOtsydwK0gk2Qpndywdv7K655kZl9DpvHQTqbG8+JTigP54mQxQhhYqGvUSIhxm7+arTn3RClb23KP0YST09bIy5PgvMoRXvCmydw9wkIqYfHMW\/kHNZNOBME7WKwNFun5jY\/cMdmRjsCLJxAO7QOiEpDcM5646BmpHG6jxjLCWSEcWvnO5AZAkMyyQBLnDYdzNSQMzdA2ym4ljwMrig2l8bjVVOJYJjrbeTefNEzUuAf0k3mEAw82zuJaFt\/6pnqhQQe\/lR81NVZ4bRNNgT33UOYPc+ekWUhxn6hIx0BkPkk8WlxF9MiPq\/qpQ74qgOKxDcu22TwCeK4vKwQIDAQABo4IEvTCCBLkwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB2ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABez571FgAAAQDAEcwRQIgFyHEiUTiORwDnx+eNf+yDJ0BuJSaT36p1neAXJK61O4CIQDQWABqwY8NAOIICxniHASKuKeYdAQ8QfySGjqwBnE9FQB1AEHIyrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABez571GEAAAQDAEYwRAIgfNnYzNPNG4iOz0lGcHtb6Nv3g0g8lXttIxegSBOM4AwCIDsR6e9UV1Wij7UZAv4lBJFc9vjkAobhEO1zJUB1cWXPAHUAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAF7PnvVFwAABAMARjBEAiBw84G3c+x82YV7tJ21NlE3onfX6p2I0OMcLwYCWLVbgwIgNwWmsGEsKlUIH3+g5ZaBfhSgtJ0lIqkQyJe3Mg1gkEYwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDATAKBggrBgEFBQcDAjA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7ZAYLJhRuBtZ5hhfTrYIFdhYaOQYfCmFACAWQCAScwgYcGCCsGAQUFBwEBBHsweTBTBggrBgEFBQcwAoZHaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcnQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLm1zb2NzcC5jb20wHQYDVR0OBBYEFOsHNlp\/A4ATvAS2MVxy2vuUB2DTMA4GA1UdDwEB\/wQEAwIEsDCByAYDVR0RBIHAMIG9ggxvbmVkcml2ZS5jb22CCHAuc2Z4Lm1zggoqLmxpdmUuY29tggoqLmxpdmUubmV0ghMqLnNreWRyaXZlLmxpdmUuY29tghMqLm9uZWRyaXZlLmxpdmUuY29tgg4qLm9uZWRyaXZlLmNvbYILZC5zZngtZGYubXOCDyoub2R3ZWJiLnN2Yy5tc4IPKi5vZHdlYnAuc3ZjLm1zghAqLm9kd2ViZGYuc3ZjLm0="}
 02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":5,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415142,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710415142,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcmxNAAG4GJjQNUXZbwKgBgAG7gU7a1nNkU8Mp6lAQCAMrkwAAc4IQKi5vZHdlYnBsLnN2Yy5tczCBsAYDVR0fBIGoMIGlMIGioIGfoIGchk1odHRwOi8vbXNjcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAxLmNybIZLaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDEuY3JsMFcGA1UdIARQME4wQgYJKwYBBAGCNyoBMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NwczAIBgZngQwBAgEwHwYDVR0jBBgwFoAUtXYMMBHOx5JCTUzHXCzIqQzoC2QwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4ICAQCGkp\/5A4unIobaSLCqv0EROk6dP9NJO2qAhEzd3EaZ88LNPL0rrRdDFh837d9padYUl6afpISt\/vf8r5JfY7p2NAIXyfpXmMabjzoy2ShFI5Nz1W\/TL775BwVv9dU5mKxhAryZjwNrTWKkzGlf5cjC9Q+1S\/J6fIgJP1mZlNwFKK1hEx4QE\/GOIPBIQfmVgo8KU7aLaAQpHYmm+TVt5cUKiL+1yq5simdJUvrf6tmOM8GyRBNKutRns7sTD+IBkZLy08a\/u7Pb2+hDQEyRhUkjF4ZpweAtZbPw+NGbjrX3ar3mpjZyQcniQirFXXRuTwF8jmJGfE76WSCwyTm1g3pPgTWqQ2vG4QUKCyvCOvV6NN4rdSg1Mj\/Jng3IaMRvvkbFLNeCKnhY43lVqccHmqmFzwMKHJhxN7+mP2oEUbffAxfbyCe3\/6w2ZvTOOKdM5yQ2ydLMm4msRs6iiRXAX46nbCQiSxn3fZ2uWIclcKejfYQSROa3\/9hwWlJnwdIbT2klSXuHr6xJBd3dygrgUH3ap5fPgNrbKkigSTpL8QyxHfvr+uHMk8pKEK9IP5KzHI9WWuFZlVjk7VE83V508LXHk75wGT0p+c5whz2r17pahA+6qY7VVCMkSURcm6RCgI2hL6qL51F2fXfWSUkxuM0jrCVWAsDhqqjUGXESEUpbpQAFXjCCBVowggRCoAMCAQICEA8Ull8gIGmZT9XHrHiJQeIwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVyVHJ1c3QgUm9vdDAeFw0yMDA3MjEyMzAwMDBaFw0yNDEwMDgwNzAwMDBaME8xCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIDAeBgNVBAMTF01pY3Jvc29mdCBSU0EgVExTIENBIDAxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqmJ3z5pjsgaE85A29JnzFFGr6pUKO0YG\/RFBH\/5bBljJOG4I\/E9ESM06pPe9HqLilbi+USDFv7JwY114DEPAKc1kSQmW2q\/O\/QVfKyqR6AFuLhibLJzQAX9p9e4\/U4hcugVsviIVZxSC8izSvltjN8yvYIXolmtrgAiobr4AnGuVcPzkGBKxHRuywRMxZzM05iXJYltYgnV28v7yPzsW36pCg+MybZuOQybwvQ4foac6ryzIiubqP\/ml0iWPkqoaCBKc\/qxKx8PrgJSrhxbRI0nnpLvHkd\/meTQ\/QUqnOibS6m9G4zhz5uXUka4LeJ54pe+W43PY95Vl6QW\/T1z\/Uqf5zwivp00JmcBxo1J6pTvXmwFUA+O2YrBaJ5wwJo62TVY="}
-01666{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415159,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5839,"midstream":0,"thread_ts_usec":1646495710415159,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft","proto_id":"91.212","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":13,"category":"Cloud","hostname":"onedrive.com","domainame":"onedrive.com","tls": {"version":"TLSv1.2","server_names":"onedrive.com,p.sfx.ms,*.live.com,*.live.net,*.skydrive.live.com,*.onedrive.live.com,*.onedrive.com,d.sfx-df.ms,*.odwebb.svc.ms,*.odwebp.svc.ms,*.odwebdf.svc.ms,*.odwebpl.svc.ms","ja3s":"67bfe5d15ae567fb35fd7837f0116eec","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01","subjectDN":"CN=onedrive.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"50:2F:33:10:92:AC:27:7B:17:BE:82:68:3B:E2:29:AD:97:41:B7:BB","blocks":0}}}
+01674{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415159,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5839,"midstream":0,"thread_ts_usec":1646495710415159,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"onedrive.com","domainame":"onedrive.com","tls": {"version":"TLSv1.2","server_names":"onedrive.com,p.sfx.ms,*.live.com,*.live.net,*.skydrive.live.com,*.onedrive.live.com,*.onedrive.com,d.sfx-df.ms,*.odwebb.svc.ms,*.odwebp.svc.ms,*.odwebdf.svc.ms,*.odwebpl.svc.ms","ja3s":"67bfe5d15ae567fb35fd7837f0116eec","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01","subjectDN":"CN=onedrive.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"50:2F:33:10:92:AC:27:7B:17:BE:82:68:3B:E2:29:AD:97:41:B7:BB","blocks":0}}}
 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710534404,"flow_dst_last_pkt_time":1646495710534404,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710534404,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":1646495710534404,"flow_dst_last_pkt_time":1646495710534404,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495710534404,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8CqVAAEAGNnfAqAGADWsqDd4EAbvOscftAAAAAKAC+vD21AAAAgQFtAQCCArXIg8YAAAAAAEDAwc="}
 00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":2,"flow_src_last_pkt_time":1646495710534404,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495710555642,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0VKNAAHUGt4ANayoNwKgBgAG73gT+RZAmzrHH7oAS\/\/9wpwAAAgQFoAEDAwgBAQQC"}
 01227{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":3,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495710557378,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItCqdAAEAGNITAqAGADWsqDd4EAbvOscfu\/kWQJ1AYAfaM8QAAFgMBAgABAAH8AwNoOd\/HU8dseMv53a0gjDg57feHmv3ZKYt3PSUCEOAz7yDC+9qh9Lsnn2pjQO0NmdEK9+51DwzlDpkQTXJ0hGSXhgAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAWABQAABFvbmVkcml2ZS5saXZlLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACAI7FYCMeLngdMxbkPLy3IoQelSFCsyCvetq1oFf6z+UQAXAEEEWlI8xcTn+Mao6N7i2Le6X1KJI9pYZKIE\/2dqJMzsIrHC0C7HZlpYDP5BCM3Qrb983QL8azL17uscE+MtJARpvAArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
-01230{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710557378,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"onedrive.live.com","domainame":"onedrive.live.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
+01205{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710557378,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"onedrive.live.com","domainame":"onedrive.live.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":4,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710577506,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710577506,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcVKVAAHYGsNYNayoNwKgBgAG73gT+RZAnzrHJ81AQCAMfFwAAFgMDFs8CAABiAwNiI4felTmEG8xpkapnJZuLa\/s2HG1u+44zHSW4IrV27yB5PAAAf3fmivAcjmvMkcxXn29cxFgr9j4j+aMPxItMfMAwAAAaAAUAAAAjAAAAEAAFAAMCaDIAFwAA\/wEAAQALAA4eAA4bAAi3MIIIszCCBpugAwIBAgITfwAihO16gpMe82GhXwAAACKE7TANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMjAeFw0yMjAyMDEwMDEzMTVaFw0yMzAyMDEwMDEzMTVaMBcxFTATBgNVBAMTDG9uZWRyaXZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKoAmzA76zsofw7+fOUR6E1VJOItV6B42OhVLaXLBUkB\/DhNSK9Xwb8QSOHAEGpQdy0kvP28+zPgkBPPhQTf+93f+EYRB7Xu5P+bRtuYUIL+cpzvSLYELShoz3SJ+CQy3BOKLsqEraQ4EfPsNYX3QjrARzFGSDp9fY2bJbj3\/0e\/W0WvqafYuWX33WHzTqGCDleTqGmDPGLDkX\/IuBmF+BEGK17CvW3rMbqk8TH4lF1T\/ooVMPgBmiwvXSWzM7FXCvDPQOCIOyyrChq41ftB6fq5jbjIM69sKIAiVR+0H3ZYE+\/HYGvl70aEmz+KFIBgM2a79yTdwFZQoK\/uBiFmt30CAwEAAaOCBL4wggS6MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX6yqhjBAAAEAwBHMEUCIQCNLiElLMspsZARKBgFdiLnLjTr7bIsBQKjx\/HdJ5i\/AQIgCHv321Kesd0Xv1WzojtEsrdJtvb17s1Ive\/jZojLpNMAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAX6yqhcvAAAEAwBGMEQCIHNSg7SIpma30Bup8euV94y5w51P3\/EPEyajGtKwJfy\/AiBJpNTb1WgAwA86eqbtihKaMYdiPOrEJVXPoDQHoY9mYAB2AK33vvp8\/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABfrKqGksAAAQDAEcwRQIhAMk79ZnrtAY16juHuToTQfhZwbbD6N+4gUHjJAmOqdOMAiBIvxRBhwrUcc+rkCTZBLoC6PCJzJb3PHlr8AqGFrsG2TAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMBMAoGCCsGAQUFBwMCMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD7tkBgsmFG4G1nmGF9OtggV2Fho5Bh8KYUAIBZAIBJzCBhwYIKwYBBQUHAQEEezB5MFMGCCsGAQUFBzAChkdodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAyLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTAdBgNVHQ4EFgQUa\/En5jNYVPlWNaZtHxS1i+inhGMwDgYDVR0PAQH\/BAQDAgSwMIHIBgNVHREEgcAwgb2CDG9uZWRyaXZlLmNvbYIIcC5zZngubXOCCioubGl2ZS5jb22CCioubGl2ZS5uZXSCEyouc2t5ZHJpdmUubGl2ZS5jb22CEyoub25lZHJpdmUubGl2ZS5jb22CDioub25lZHJpdmUuY29tggtkLnNmeC1kZi5tc4IPKi5vZHdlYmIuc3ZjLm1zgg8qLm9kd2VicC5zdmMubXOCECoub2R3ZWJkZi4="}
 02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":5,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710577547,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710577547,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcVKZAAHYGsNUNayoNwKgBgAG73gT+RZXbzrHJ81AQCAPC1wAAc3ZjLm1zghAqLm9kd2VicGwuc3ZjLm1zMIGwBgNVHR8EgagwgaUwgaKggZ+ggZyGTWh0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDIuY3JshktodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMi5jcmwwVwYDVR0gBFAwTjBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMAgGBmeBDAECATAfBgNVHSMEGDAWgBT\/L3\/hBvQ48y3tJY2Ywv4O9mz8+jAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBAMPsJfwqCr1vkmJ6xmjJ4J\/CR0ZN3Mxkos0A3EOeiRumGDDStRW\/V7tBzbpdr01AuMj7xssX78Pp\/J7WpMC+7YxKBWsZz7yFoQ79Gb+N79O\/wp6Ybr\/zyPix402UQF8PueYMQL8Lrs9tQCGUljs+pyBTcshtZeb4zivWV9fju99elwrQIohl3EiWNgRG3Dd3w+nRp0mtGkvJO624DK2U5yBVYFJKEZlB8mAygLF3A5SNVep3MDnfWFE9hZBrnSWdQVwFEFOPI+CbdRZi1+Enep8vd5HjCMu+hjiNZyROz459g3yXGgyaeg\/tl6FxDpwgyeVRV2nDXbXpfxaFDaMkaA4qFR+ar6Zos9Sm7wYAcc2pEihbm04YGGkQwnPo5KTKxcpSaRcik5Q6kzEjJlERhWKLihgYQwblXixQTiDtWoTQvfniIdWPlio5qYxjB3B26k5MZhmdn10RNh2KU0JLiJFZAazSqs26VEXIowPKd1AAYri+U2AwW0jm3zHHaD+\/sScG9chnnQ6qoI+R2qQ2eePaXtQbX7M9VNw\/vimognxXI\/6uLTpOzvnzakE5En2+kVCOMx9RpMpDBtpj\/yt71K2XVcd0jLWilv40K21K+vi6ADQw\/Xj2AhzWQo\/AcF5u8Q5vDyqUKbuKiVPcS++qvLlLILpCOgN2uxcO3HOnNjjdAAVeMIIFWjCCBEKgAwIBAgIQD6dHIsU9iMgPWJ77H51KOjANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDcyMTIzMDAwMFoXDTI0MTAwODA3MDAwMFowTzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXTWljcm9zb2Z0IFJTQSBUTFMgQ0EgMDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD0wBlZqiokfAYhMdHuEvWBapTj9tFKL+NdsS4pFDi8zJVdKQfR+F039CDXtD9YOnqS7o88+isKcgOeQNTri472mPnn8N3vPCX0bDOEVk+nkZNIBA3zApvGGg\/40Thv78kAlxibMipsKahdbuoHByOB4ZlYotcBhf\/ObUf65kCRfXMRQqOKWkZLkilPPn3zkYM5GHxeI4MNZ1SoKBEoHa2E\/uDwBQVxadY4SRZWFxMd7ARyI4Cz1ik4N2Z6ALD3MfjAgEEDwoknyw9TGvr4PubAZdqU511zNLBoavar2OAVTl0Tddj+RAhbnX1\/zypqk+ifv+d3CgiDa8Mbvo1u2Q8nuUBrKVUmR6EjkV\/dDrIsUaU643v\/Wp\/uE7xLDdg="}
 01684{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":6,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710577591,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5844,"midstream":0,"thread_ts_usec":1646495710577591,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"onedrive.live.com","domainame":"onedrive.live.com","tls": {"version":"TLSv1.2","server_names":"onedrive.com,p.sfx.ms,*.live.com,*.live.net,*.skydrive.live.com,*.onedrive.live.com,*.onedrive.com,d.sfx-df.ms,*.odwebb.svc.ms,*.odwebp.svc.ms,*.odwebdf.svc.ms,*.odwebpl.svc.ms","ja3s":"a66ea560599a2f5c89eec8c3a0d69cee","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 02","subjectDN":"CN=onedrive.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"77:7F:F2:95:29:A7:E3:CC:0F:BF:2F:BA:2E:6F:2A:38:62:8B:48:4D","blocks":0}}}
@@ -349,7 +349,7 @@
 01241{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495837086190,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837086190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495837086190,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.181.238","src_port":36832,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"plus.google.com","domainame":"plus.google.com","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0314h0_55b375c5d22e_2d2a40a25571","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
 02351{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_packet_id":2,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837102627,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1399,"pkt_l4_len":1365,"thread_ts_usec":1646495837102627,"pkt":"PKn0qB\/spJGxgjQ5CABFgAVpAABAADMROvOO+rXuwKgBgAG7j+AFVSXtyAAAAAEDuYLxCBrJK2uwimWBAEU4Tznrzq28hb1XmRDs0MFqelTnhcFUZ84H4q1aY4G8iO4oHDfc48pBHn\/VwFJa95gqSHvH4Ev8Om2dP0drKfHTm5RIabnMUwABEpNiK30Wb+s0DC1P8fJqrYirSkcMUtk+OScepXvvMoUJqb3oK\/SHueY\/CR+1r94ahlb+lQ5CMkRrFEpV8Y80c9Tk558ky1YvZroBJocv+D8x22dTrB3Nr2zV5BXUe4IfZjyM1uOvrGOzm7BFlSrMgOj6FKIkCgp\/pf+jrmIN6zoTCYHljLfpxOi3CtJlotE5kvBNJfYTIlpV6ePxOeaBHnLAnR8AUiLMe4EQhoCyafpPSu2uRilBt0zY24SPHj+Vr1q8JDD3+tdbrEpwnhqALSf4fMlI0nlCiW6KDCz9YYUL75K4IS9444yNzf1Yr99Mh0kbqbRkqVD2lz0sc+tejmla91jt2s1ymwqM2Dkc57wq\/ZGL2qTvHoCDCrWXzzSFq2DtMODbeFddKrW7D2S\/WC6gNpi8CkmnUEfrksPztXbMxr+4svM2m36IzD+uTDtBonQOeeetS42fSNmayHtkfbHFRhxhKIWxbXnDeYhaHVYjCQ+4X0zwkTVPladnLIcVEBYqwYQv5\/bz9ieX8wyoykaDLtE9CrJi2EKtZ8wkCC7Z741Zd+Wml1GFTEX8vTPcXOs4jWXGa8by36ak7R21cVgtCbMzCsX51MXYO9rxKpqzQ90YL3ZJybESTLyCZVaetnFQQy0zj9i3aMbEeaF1GIY8fpv41LJIfBTcuddEsku5mHk0ET+hIJRQHhrqv3\/7dLCFIB8IbFzqoMNXvst3vFd153RNd4+wDFw0PTKp3WxAax7aH3o4vpIKkH5MYZZm6QdYg4AXeCOVs+yOQckfo449mppsZnBCauNFwyGHgfdImQc5ChUcBackKfZKPm+8gpfez3Lh5cIH5TVZfBcX2049yxCxwBIQNMHRFZ\/l6px98JrGqv9wlLvZ9x05f9o+OBwqtGjSma1n6CqkHTjCKDb9wEKbD27oXi\/IB1KPHp2u9d\/c+7X2RVtjWmizhI43eqsfAt6YQSI\/I6i5XWGJRa1qw\/6lLbvQvj\/jHqXTS68GWhBdBLJUtfTko6qCsN7rqu1qRzGoIhl0BkGE92lNyYY\/ZTU6\/hdcvPHH\/gVolLu3hFDPu+ipgvDDLIZuRl+UaoOI4gJccnN1m37oKsX6NQtnyeGSc2tM6+62ei3A6X8waSaElCusvteiUGCHQxwaHmAxN+l0Fnrtj2W9v8HqhbG8zavLaMSK9TCSurpq1GtTp5SAztNP1KCrvVnqVhJrjpPBsMoRZgIibHU+b02bSrZ5vLUq8fMRq1DHjSpmxuFXNZXv4gyNl3Dl6lhcF466Vu3DVIKOpmXUnOt94P9drBleL2pc6g\/Rsi+uKui90velUE0hGPgoOIhhDJ0ymy34LYnDdDZuGwprFKEAglwy2+YC1sXbba6gKVjcOV1Ca5zHuLIWZHit470RXXzr7m1Xi\/5cXZYyKSyJACVo6ge6ve+Upi7YI+aW+jgyPqmHMKb+I\/eIOcKZeHyih24R2l7AgjvcvMggC5W8nbNUSu9cpnGWdlPqjTB0D+d7oT5+bGyUabkzh3dJ2t9fzH8gnGtlT1zFzufTmcBCKpbCY6sP\/0lUq7vHjuvu650M0IhuYA8e9G78Y8vHGY8YN9zIOLD+CF2bDXHwqf3VW0Z0KdlLeLkOH0oqFJ9UgLOZLQqYMUReoZ97In3a7hJ65ZurIhpFxCeAoO9kMhJrGIJTN\/Ls9g=="}
 01023{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646495785326719,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785351813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":1357,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":1357,"midstream":0,"thread_ts_usec":1646495837102627,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"216.58.212.142","src_port":38642,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"hangouts.google.com"}}
-00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":489,"packets-processed":488,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":221442,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":39,"total-detection-updates":41,"total-updates":1,"current-active-flows":10,"total-active-flows":43,"total-idle-flows":33,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":352,"global_ts_usec":1646568788171099}
+00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":489,"packets-processed":488,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":221442,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":39,"total-detection-updates":41,"total-updates":1,"current-active-flows":10,"total-active-flows":43,"total-idle-flows":33,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":352,"global_ts_usec":1646568788171099}
 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788171099,"flow_dst_last_pkt_time":1646568788171099,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646568788171099,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":1,"flow_src_last_pkt_time":1646568788171099,"flow_dst_last_pkt_time":1646568788171099,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646568788171099,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8AQRAAEAGfpzAqAGA0FUontLaAbs4n4KKAAAAAKAC+vB1NgAAAgQFtAQCCArSjLpwAAAAAAEDAwc="}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":2,"flow_src_last_pkt_time":1646568788171099,"flow_dst_last_pkt_time":1646568788337647,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646568788337647,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8Ke1AAPAGpbLQVSiewKgBgAG70tpN2CtOOJ+Ci6ASOQiNqgAAAgQFtAEDAwAEAggKXyXRHtKMunA="}
@@ -366,10 +366,10 @@
 00962{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495836963393,"flow_src_last_pkt_time":1646495836983510,"flow_dst_last_pkt_time":1646495837006974,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.206","src_port":50608,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":7,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710590410,"flow_dst_last_pkt_time":1646495710610809,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":6170,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
 01021{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646495785326719,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785351813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":1357,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":1357,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"216.58.212.142","src_port":38642,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"hangouts.google.com"}}
-00975{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710423757,"flow_dst_last_pkt_time":1646495710456993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":5890,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft","proto_id":"91.212","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":13,"category":"Cloud"}}
-00981{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650812560,"flow_dst_last_pkt_time":1646495650832457,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":4252,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Teams","proto_id":"91.250","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative"}}
+00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710423757,"flow_dst_last_pkt_time":1646495710456993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":5890,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
+00994{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650812560,"flow_dst_last_pkt_time":1646495650832457,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":4252,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft365","proto_id":"91.219","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Acceptable","category_id":15,"category":"Collaborative"}}
 00994{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495488872237,"flow_src_last_pkt_time":1646495488882948,"flow_dst_last_pkt_time":1646495488890513,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"15.160.39.187","src_port":45898,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AppleSiri","proto_id":"91.254","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":32,"category":"VirtAssistant"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":497,"packets-processed":496,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":225679,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":40,"total-detection-updates":43,"total-updates":1,"current-active-flows":1,"total-active-flows":44,"total-idle-flows":43,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":372,"global_ts_usec":1705785496290955}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":497,"packets-processed":496,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":225679,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":40,"total-detection-updates":43,"total-updates":1,"current-active-flows":1,"total-active-flows":44,"total-idle-flows":43,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":372,"global_ts_usec":1705785496290955}
 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1705785496290955,"flow_src_last_pkt_time":1705785496290955,"flow_dst_last_pkt_time":1705785496290955,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1705785496290955,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"185.5.161.203","src_port":33920,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":1,"flow_src_last_pkt_time":1705785496290955,"flow_dst_last_pkt_time":1705785496290955,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1705785496290955,"pkt":"SKmKCiNt8C90rUP1CABFAAA8WxFAAEAGa0rAqFjnuQWhy4SAAbsqMmHbAAAAAKACfXh0jwAAAgQFtAQCCAqBTLs4AAAAAAEDAwc="}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":2,"flow_src_last_pkt_time":1705785496290955,"flow_dst_last_pkt_time":1705785496317442,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1705785496317442,"pkt":"8C90rUP1SKmKCiNtCABFAAA8AABAADgGzlu5BaHLwKhY5wG7hIDVhr3LKjJh3KAS\/oimXQAAAgQFoAQCCAoinSn+gUy7OAEDAwc="}
@@ -387,7 +387,7 @@
 00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_packet_id":5,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1705785496365954,"pkt":"8C90rUP1SKmKCiNtCABFAAAoTbhAAOYGzf2fmb\/wwKhY5wG7wx6oa+tFx38bIVAQAf75kAAAAADOeU3u"}
 01767{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1705785496365954,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1330,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3087,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"159.153.191.240","src_port":49950,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"8": {"risk":"Weak TLS Cipher","severity":"High","risk_score": {"total":150,"client":135,"server":15}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"accounts.ea.com","domainame":"accounts.ea.com","tls": {"version":"TLSv1.2","server_names":"accounts.ea.com","ja3s":"7b6819ed58e8d8415604b7dfcef92d55","ja4":"t13d571100_131602cb7446_24695f2957a7","unsafe_cipher":1,"cipher":"TLS_RSA_WITH_AES_256_CBC_SHA","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA","subjectDN":"C=US, ST=CALIFORNIA, L=Redwood City, O=Electronic Arts, Inc., CN=accounts.ea.com","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","fingerprint":"6E:9C:F6:59:DD:52:AA:1B:73:A6:B5:29:71:59:89:7D:B5:46:67:3D","blocks":0}}}
 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788681368,"flow_dst_last_pkt_time":1646568788847834,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":643,"flow_dst_tot_l4_payload_len":3594,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Pandora","proto_id":"91.187","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":513,"packets-processed":512,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":231228,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":42,"total-detection-updates":45,"total-updates":1,"current-active-flows":2,"total-active-flows":46,"total-idle-flows":44,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":390,"global_ts_usec":1708371748027374}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":513,"packets-processed":512,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":231228,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":42,"total-detection-updates":45,"total-updates":1,"current-active-flows":2,"total-active-flows":46,"total-idle-flows":44,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":390,"global_ts_usec":1708371748027374}
 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708371748027374,"flow_src_last_pkt_time":1708371748027374,"flow_dst_last_pkt_time":1708371748027374,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371748027374,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"160.44.196.198","src_port":54690,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":1,"flow_src_last_pkt_time":1708371748027374,"flow_dst_last_pkt_time":1708371748027374,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708371748027374,"pkt":"ILAB4IZiNObXAhsnCABFAAA8gTRAAEAGkffAqAH1oCzExtWiAbvECMZsAAAAAKAC+vAnvwAAAgQFtAQCCArUZE7pAAAAAAEDAwc="}
 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":2,"flow_src_last_pkt_time":1708371748027374,"flow_dst_last_pkt_time":1708371748055776,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1708371748055776,"pkt":"NObXAhsnILAB4IZiCABFAAA0AABAAC8GJDSgLMTGwKgB9QG71aITcGZwxAjGbYASchD5sQAAAgQFrAEBBAIBAwMJ"}
@@ -414,7 +414,7 @@
 01352{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708371750154536,"flow_src_last_pkt_time":1708371750158421,"flow_dst_last_pkt_time":1708371750161724,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":678,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":678,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1708371750161724,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:c044:a6d4:80d:5d55","dst_ip":"2600:9000:25ea:1200:1:12d8:5a00:93a1","src_port":39970,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"contentcenter-dre.dbankcdn.com","domainame":"contentcenter-dre.dbankcdn.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 01220{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1705785496365954,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1330,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3087,"midstream":0,"thread_ts_usec":1708371750169001,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"159.153.191.240","src_port":49950,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"8": {"risk":"Weak TLS Cipher","severity":"High","risk_score": {"total":150,"client":135,"server":15}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
 01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1705785496290955,"flow_src_last_pkt_time":1705785496323878,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1708371750169001,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"185.5.161.203","src_port":33920,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":563,"packets-processed":562,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":263723,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":45,"total-detection-updates":48,"total-updates":1,"current-active-flows":3,"total-active-flows":49,"total-idle-flows":46,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":417,"global_ts_usec":1708719352773616}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":563,"packets-processed":562,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":263723,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":45,"total-detection-updates":48,"total-updates":1,"current-active-flows":3,"total-active-flows":49,"total-idle-flows":46,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":417,"global_ts_usec":1708719352773616}
 00808{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708719352773616,"flow_src_last_pkt_time":1708719352773616,"flow_dst_last_pkt_time":1708719352773616,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719352773616,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48594,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":1,"flow_src_last_pkt_time":1708719352773616,"flow_dst_last_pkt_time":1708719352773616,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719352773616,"pkt":"ILAB4IZiNObXAhsnht1gDW8BACgGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvdIBu4y3QWIAAAAAoAL\/KM6bAAACBAWMBAIICh++fS8AAAAAAQMDBw=="}
 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":2,"flow_src_last_pkt_time":1708719352773616,"flow_dst_last_pkt_time":1708719352791118,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719352791118,"pkt":"NObXAhsnILAB4IZiht1gDcpXACgGNiABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu90sxyPm+Mt0FjoBJvkDRGAAACBATEBAIICmIWPwsfvn0vAQMDCg=="}
@@ -442,7 +442,7 @@
 00987{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":9,"flow_first_seen":1708371748597659,"flow_src_last_pkt_time":1708371749213915,"flow_dst_last_pkt_time":1708371749213883,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1027,"flow_dst_max_l4_payload_len":3900,"flow_src_tot_l4_payload_len":3616,"flow_dst_tot_l4_payload_len":12100,"midstream":0,"thread_ts_usec":1708719353862698,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"80.158.42.215","src_port":49558,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
 00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1708371748027374,"flow_src_last_pkt_time":1708371748206605,"flow_dst_last_pkt_time":1708371748165737,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":4380,"flow_src_tot_l4_payload_len":1281,"flow_dst_tot_l4_payload_len":9124,"midstream":0,"thread_ts_usec":1708719353862698,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"160.44.196.198","src_port":54690,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
 01035{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":4,"flow_first_seen":1708371750154536,"flow_src_last_pkt_time":1708371750169001,"flow_dst_last_pkt_time":1708371750165742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":678,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":1269,"flow_dst_tot_l4_payload_len":5105,"midstream":0,"thread_ts_usec":1708719353862698,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:c044:a6d4:80d:5d55","dst_ip":"2600:9000:25ea:1200:1:12d8:5a00:93a1","src_port":39970,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":585,"packets-processed":584,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":277398,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":48,"total-detection-updates":51,"total-updates":1,"current-active-flows":3,"total-active-flows":52,"total-idle-flows":49,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":445,"global_ts_usec":1708962497309716}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":585,"packets-processed":584,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":277398,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":48,"total-detection-updates":51,"total-updates":1,"current-active-flows":3,"total-active-flows":52,"total-idle-flows":49,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":445,"global_ts_usec":1708962497309716}
 00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708962497309716,"flow_src_last_pkt_time":1708962497309716,"flow_dst_last_pkt_time":1708962497309716,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708962497309716,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"5.61.23.30","src_port":46174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":1708962497309716,"flow_dst_last_pkt_time":1708962497309716,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708962497309716,"pkt":"ILAB4IZiNObXAhsnCABFAAA8tohAAEAGpTvAqAH1BT0XHrReAbvuMckPAAAAAKAC+vDfJgAAAgQFtAQCCAoHPO3YAAAAAAEDAww="}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":2,"flow_src_last_pkt_time":1708962497309716,"flow_dst_last_pkt_time":1708962497355167,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708962497355167,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAADYGZcQFPRcewKgB9QG7tF7fzYik7jHJEKASqbCmNAAAAgQFoAQCCApaSfP3Bzzt2AEDAwk="}
@@ -454,7 +454,7 @@
 01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708719352773616,"flow_src_last_pkt_time":1708719352792127,"flow_dst_last_pkt_time":1708719352810168,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":664,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1708962497540736,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48594,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
 01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":1708719353812053,"flow_src_last_pkt_time":1708719353853281,"flow_dst_last_pkt_time":1708719353853244,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":652,"flow_dst_max_l4_payload_len":4096,"flow_src_tot_l4_payload_len":652,"flow_dst_tot_l4_payload_len":5660,"midstream":0,"thread_ts_usec":1708962497540736,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48616,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
 01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":1708719353825157,"flow_src_last_pkt_time":1708719353862698,"flow_dst_last_pkt_time":1708719353862648,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":2416,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":2416,"midstream":0,"thread_ts_usec":1708962497540736,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":605,"packets-processed":604,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":281689,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":49,"total-detection-updates":52,"total-updates":1,"current-active-flows":1,"total-active-flows":53,"total-idle-flows":52,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":457,"global_ts_usec":1713874727209515}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":605,"packets-processed":604,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":281689,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":49,"total-detection-updates":52,"total-updates":1,"current-active-flows":1,"total-active-flows":53,"total-idle-flows":52,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":457,"global_ts_usec":1713874727209515}
 00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1713874727209515,"flow_src_last_pkt_time":1713874727209515,"flow_dst_last_pkt_time":1713874727209515,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874727209515,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"116.211.202.129","src_port":55272,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":1,"flow_src_last_pkt_time":1713874727209515,"flow_dst_last_pkt_time":1713874727209515,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874727209515,"pkt":"SKmKCiNtCAAnZaFTCABFAAA0IZVAAIAGAADAqFirdNPKgdfoAbu+XAjuAAAAAIAC+vBYzwAAAgQFtAEDAwgBAQQC"}
 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":2,"flow_src_last_pkt_time":1713874727209515,"flow_dst_last_pkt_time":1713874727497923,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874727497923,"pkt":"CAAnZaFTSKmKCiNtCABFAAA0IZVAACgG2IZ008qBwKhYqwG71+hkrGzzvlwI74AS+vCq9AAAAgQFoAEBAQEBAQQC"}
@@ -480,7 +480,7 @@
 01223{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"msg.qy.net","domainame":"msg.qy.net","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d3113h2_e8f1e7e78f70_1b3407e2c936","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
 01268{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"msg.qy.net","domainame":"msg.qy.net","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d3113h2_e8f1e7e78f70_1b3407e2c936","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
 00958{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":10,"flow_first_seen":1708962497309716,"flow_src_last_pkt_time":1708962497495798,"flow_dst_last_pkt_time":1708962497540736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":839,"flow_dst_max_l4_payload_len":2170,"flow_src_tot_l4_payload_len":1416,"flow_dst_tot_l4_payload_len":2875,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"5.61.23.30","src_port":46174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":624,"packets-processed":623,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":287611,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":52,"total-detection-updates":55,"total-updates":1,"current-active-flows":3,"total-active-flows":56,"total-idle-flows":53,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":483,"global_ts_usec":1713890981649495}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":624,"packets-processed":623,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":287611,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":52,"total-detection-updates":55,"total-updates":1,"current-active-flows":3,"total-active-flows":56,"total-idle-flows":53,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":483,"global_ts_usec":1713890981649495}
 00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1713890981649495,"flow_src_last_pkt_time":1713890981649495,"flow_dst_last_pkt_time":1713890981649495,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713890981649495,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"54.208.106.218","src_port":49217,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":1,"flow_src_last_pkt_time":1713890981649495,"flow_dst_last_pkt_time":1713890981649495,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713890981649495,"pkt":"SKmKCiNtCAAnZaFTCABFAAA0W3JAAIAGAADAqFirNtBq2sBBAbtizhVCAAAAAIAC+vC7JAAAAgQFtAEDAwgBAQQC"}
 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":2,"flow_src_last_pkt_time":1713890981649495,"flow_dst_last_pkt_time":1713890981788412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713890981788412,"pkt":"CAAnZaFTSKmKCiNtCABFAAA0AABAAO0G0sU20GrawKhYqwG7wEEwlJewYs4VQ4ASaQNIwAAAAgQFoAEBBAIBAwMI"}
@@ -492,7 +492,7 @@
 00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713874727209515,"flow_src_last_pkt_time":1713874727498785,"flow_dst_last_pkt_time":1713874727797620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"116.211.202.129","src_port":55272,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
 00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713874733252417,"flow_src_last_pkt_time":1713874733276281,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":568,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":568,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"184.86.2.194","src_port":55468,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
 00976{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":630,"packets-processed":629,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":289568,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":53,"total-detection-updates":56,"total-updates":1,"current-active-flows":1,"total-active-flows":57,"total-idle-flows":56,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":495,"global_ts_usec":1714854984089683}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":630,"packets-processed":629,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":289568,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":53,"total-detection-updates":56,"total-updates":1,"current-active-flows":1,"total-active-flows":57,"total-idle-flows":56,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":495,"global_ts_usec":1714854984089683}
 00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714854984089683,"flow_src_last_pkt_time":1714854984089683,"flow_dst_last_pkt_time":1714854984089683,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854984089683,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.136.49.254","src_port":50142,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":1,"flow_src_last_pkt_time":1714854984089683,"flow_dst_last_pkt_time":1714854984089683,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854984089683,"pkt":"ILAB4IZiNObXAhsnCABFAAA8\/VBAAEAGRUjAqAH1A4gx\/sPeAbv5QqzqAAAAAKAC+vD4UQAAAgQFtAQCCApwdY9LAAAAAAEDAwc="}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":631,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":2,"flow_src_last_pkt_time":1714854984089683,"flow_dst_last_pkt_time":1714854984207475,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854984207475,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAAOkGmZgDiDH+wKgB9QG7w95OABkI+UKs66ASaN8GPQAAAgQFtAQCCAoKEgQMcHWPSwEDAwg="}
@@ -526,11 +526,11 @@
 01252{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":653,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1714855508634175,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508637050,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":663,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":663,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855508638270,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a04:4e42:c00::347","src_port":35968,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Mastodon","proto_id":"91.412","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"mastodon.social","domainame":"mastodon.social","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":654,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_packet_id":5,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508641708,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1714855508641708,"pkt":"NObXAhsnILAB4IZiht1gA1LzACAGOyoETkIMAAAAAAAAAAAAA0cgAQsHCj3BEm6lq1KSMAulAbuMgH1JAZDJWLHzgBABBivwAAABAQgKJJ8cu0OABtk="}
 01297{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":655,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1714855508634175,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508643170,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":663,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":663,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1714855508643170,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a04:4e42:c00::347","src_port":35968,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Mastodon","proto_id":"91.412","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"mastodon.social","domainame":"mastodon.social","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":656,"packets-processed":655,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":307433,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":57,"total-detection-updates":60,"total-updates":1,"current-active-flows":4,"total-active-flows":61,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":529,"global_ts_usec":1714855626875150}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":656,"packets-processed":655,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":307433,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":57,"total-detection-updates":60,"total-updates":1,"current-active-flows":4,"total-active-flows":61,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":529,"global_ts_usec":1714855626875150}
 00828{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714855626875150,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1337,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1337,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1337,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855626875150,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a03:2880:f208:c4:face:b00c::43fe","src_port":41590,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
 02349{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_packet_id":1,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1399,"pkt_l4_len":1345,"thread_ts_usec":1714855626875150,"pkt":"ILAB4IZiNObXAhsnht1gAqQwBUERQCABCwcKPcESbqWrUpIwC6UqAyiA8ggAxPrOsAwAAEP+onYBuwVB56HPAAAAAQntgqIw4+DzXG8DDjV4AEKHhuUnnf7aCsqjJ6n9uzsKazMDl36U3lgejMwMjFcChCo2U\/4egl84ETgP50PyNnQWj7l2NNX\/opJ2P6uWw+PhENIBM8sJ\/NgHq0VgbJtgDw3uez8\/MAaZE\/cl1TB\/c8CQyzdHNaaSDYGOAQWweSfIzAvWDP9hbdYh07ywhlGFuog+32Prts5MQG1WwihrPli5ULgVB865Pxdl4W\/uWX4tIEsaOq9yIUZikgtiIN\/lJ2MxWV87IMALL\/0xAnAY+oVEWruI8jd5eyEWek8DNQV53lL5nQuMu3yl1yA6PxDnzcfqiin+FXddHI3Mc15ugeOrDFLl92\/b0O83dAMS4WrgPl6nBxxv\/os70fJ9pN09aByi3MJajU7WYJifrAL5gbjNCl6HGQPh3w5kIYjMAE+4ea\/yJs9k52ITu9vwsi79PJSiXFX618uK+2jw5tOOXQVOK\/udu505vNAfkQffevVF6JBDr5h3rBgRTW6GUmAIrbPzYR6AeXyxXeTosExy8waiPa+\/8j8wNeFh42rj8mEVgdp+mvgDsoP3vBpzghC3upVNf1PnkwrL\/8puXPkr4Bs+DlC8FdJKSu5haPhdqgqXK6sKSAQTtauSV\/p4szNlL6\/UPMWULqzYXXFmG\/yqneMUt6G0Z0JzxovHx85dvQR8drgQOvo8Mp\/SUgwTb2wa0eNMwq+SynOrpUTF+jxGyaNjewWA0nnY5XakI9XBaWhGxqOjRxflsIsIxNN98VUMvRFu3Yl23bEq70Q5NVqtiOoM\/g3mm6bnNnKcPqiZlCAeS3sItwr1C6TXBPxOkaO3AMYujWFGytVr8mplzr07A9ONMULDElcuPUhzBm0DoR5ecEkv0t3rHXoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
 01288{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714855626875150,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1337,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1337,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1337,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855626875150,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a03:2880:f208:c4:face:b00c::43fe","src_port":41590,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Threads","proto_id":"188.413","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.threads.net","domainame":"www.threads.net","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0314h0_55b375c5d22e_61e396c58b1f","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":657,"packets-processed":656,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":308770,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":58,"total-detection-updates":60,"total-updates":1,"current-active-flows":5,"total-active-flows":62,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":533,"global_ts_usec":1722431353907697}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":657,"packets-processed":656,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":308770,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":58,"total-detection-updates":60,"total-updates":1,"current-active-flows":5,"total-active-flows":62,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":533,"global_ts_usec":1722431353907697}
 00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353907697,"flow_dst_last_pkt_time":1722431353907697,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722431353907697,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":1,"flow_src_last_pkt_time":1722431353907697,"flow_dst_last_pkt_time":1722431353907697,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722431353907697,"pkt":"ILAB4IZiNObXAhsnCABFAAA8zQxAAEAGppLAqAH1aBCcb+UAAbvi6sc0AAAAAKAC+vDHSwAAAgQFtAQCCAoCIa4cAAAAAAEDAwc="}
 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":658,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":2,"flow_src_last_pkt_time":1722431353907697,"flow_dst_last_pkt_time":1722431353928918,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722431353928918,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAADkGep9oEJxvwKgB9QG75QChV1Qc4urHNaAS\/\/\/CaQAAAgQFeAQCCArZVK68AiGuHAEDAw0="}
@@ -544,7 +544,7 @@
 00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":1714854988939343,"flow_src_last_pkt_time":1714854989133340,"flow_dst_last_pkt_time":1714854989133315,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":4344,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":4344,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"44.218.3.81","src_port":55362,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
 00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":1714854984089683,"flow_src_last_pkt_time":1714854984327058,"flow_dst_last_pkt_time":1714854984327006,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":656,"flow_dst_max_l4_payload_len":4344,"flow_src_tot_l4_payload_len":656,"flow_dst_tot_l4_payload_len":4344,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.136.49.254","src_port":50142,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
 00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1714854993342168,"flow_src_last_pkt_time":1714854993534195,"flow_dst_last_pkt_time":1714854993534151,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":679,"flow_dst_max_l4_payload_len":2896,"flow_src_tot_l4_payload_len":679,"flow_dst_tot_l4_payload_len":2896,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"15.204.197.32","src_port":33212,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
-00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":679,"packets-processed":678,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":317899,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":59,"total-detection-updates":61,"total-updates":1,"current-active-flows":1,"total-active-flows":63,"total-idle-flows":62,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":547,"global_ts_usec":1722540110191305}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":679,"packets-processed":678,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":317899,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":59,"total-detection-updates":61,"total-updates":1,"current-active-flows":1,"total-active-flows":63,"total-idle-flows":62,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":547,"global_ts_usec":1722540110191305}
 00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110191305,"flow_dst_last_pkt_time":1722540110191305,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722540110191305,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
 00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":1,"flow_src_last_pkt_time":1722540110191305,"flow_dst_last_pkt_time":1722540110191305,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722540110191305,"pkt":"ILAB4IZiCAAn\/ADWCABFAAA8BCdAAEAGK7zAqAG3kka2M6xGAbuT6uEmAAAAAKAC+vALCAAAAgQFtAQCCAq7v5eGAAAAAAEDAwc="}
 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":680,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":2,"flow_src_last_pkt_time":1722540110191305,"flow_dst_last_pkt_time":1722540110194850,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722540110194850,"pkt":"CAAn\/ADWILAB4IZiCABFAAA8AABAADgGN+OSRrYzwKgBtwG7rEboU0P1k+rhJ6AS\/ogVTwAAAgQFtAQCCAoNiXkPu7+XhgEDAwo="}
@@ -553,21 +553,32 @@
 01261{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":682,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110194850,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1956,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722540110195491,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN","hostname":"it-mil-v086.prod.surfshark.com","domainame":"it-mil-v086.prod.surfshark.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1517h2_8daaf6152771_b0da82dd1658","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
 00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":683,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":5,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110198684,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1722540110198684,"pkt":"CAAn\/ADWILAB4IZiCABFAAA0mz9AADgGnKuSRrYzwKgBtwG7rEboU0P2k+rmz4AQAD88twAAAQEICg2JeRO7v5eL"}
 01304{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":685,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110198757,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":384,"flow_src_tot_l4_payload_len":1956,"flow_dst_tot_l4_payload_len":384,"midstream":0,"thread_ts_usec":1722540110198757,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN","hostname":"it-mil-v086.prod.surfshark.com","domainame":"it-mil-v086.prod.surfshark.com","tls": {"version":"TLSv1.3","ja3s":"fcb2d4d0991292272fcb1e464eedfd43","ja4":"t13d1517h2_8daaf6152771_b0da82dd1658","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
-00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":699,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":10,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110397706,"flow_dst_last_pkt_time":1722540110391236,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":3460,"flow_src_tot_l4_payload_len":5083,"flow_dst_tot_l4_payload_len":6344,"midstream":0,"thread_ts_usec":1722540110397706,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}}
-00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":699,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353994238,"flow_dst_last_pkt_time":1722431354035876,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1153,"flow_dst_max_l4_payload_len":2782,"flow_src_tot_l4_payload_len":1671,"flow_dst_tot_l4_payload_len":7458,"midstream":0,"thread_ts_usec":1722540110397706,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.NordVPN","proto_id":"91.426","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}}
-00852{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":699,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5086-e946f49","ndpi_api_version":11807,"size_per_flow":1408,"packets-captured":699,"packets-processed":699,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":329326,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":60,"total-detection-updates":62,"total-updates":1,"current-active-flows":0,"total-active-flows":64,"total-idle-flows":64,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":558,"global_ts_usec":1722540110397706}
+00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353994238,"flow_dst_last_pkt_time":1722431354035876,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1153,"flow_dst_max_l4_payload_len":2782,"flow_src_tot_l4_payload_len":1671,"flow_dst_tot_l4_payload_len":7458,"midstream":0,"thread_ts_usec":1722540110397706,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.NordVPN","proto_id":"91.426","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}}
+00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":700,"packets-processed":699,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":329326,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":60,"total-detection-updates":62,"total-updates":1,"current-active-flows":1,"total-active-flows":64,"total-idle-flows":63,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":557,"global_ts_usec":1739618620340283}
+00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620340283,"flow_dst_last_pkt_time":1739618620340283,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1739618620340283,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
+00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":1,"flow_src_last_pkt_time":1739618620340283,"flow_dst_last_pkt_time":1739618620340283,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1739618620340283,"pkt":"LMgbpH+D6MgproQOCABFAAA0vNZAAIAGAADAqFhibe5a7\/4+AbvJAVcuAAAAAIAC\/\/\/iDgAAAgQFtAEDAwgBAQQC"}
+00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":701,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":2,"flow_src_last_pkt_time":1739618620340283,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1739618620345591,"pkt":"6MgproQOLMgbpH+DCABFAAAwAABAADgGYOBt7lrvwKhYYgG7\/j4Jh6K5yQFXL3AS\/\/\/V5AAAAgQFggEDAwk="}
+00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":702,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":3,"flow_src_last_pkt_time":1739618620345623,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1739618620345623,"pkt":"LMgbpH+D6MgproQOCABFAAAovNdAAIAGAADAqFhibe5a7\/4+AbvJAVcvCYeiulAQAP\/iAgAA"}
+01234{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":703,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":4,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1739618620345845,"pkt":"LMgbpH+D6MgproQOCABFAAItvNhAAIAGAADAqFhibe5a7\/4+AbvJAVcvCYeiulAYAP\/kBwAAFgMBAgABAAH8AwON6sw\/Rto\/i\/aZRkS3HmMAPZjw0BkketO4oD8ZJq2w3CCkOfPvpJvvuPJAC\/OvFFmWNPugdNR7PBiQ3yLS+LGcxwAgqqoTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTWloAAAAFAAUBAAAAAAAbAAMCAAIAFwAA\/wEAAQAACwACAQD+DQC6AAABAAErACDw8fE86qx7BKl33FvxSNpjKgBE6rAnf+Cc0KyLggQMawCQhx7S1QiTAL3+Fn+LxbJLGfJ2R86jzKD2tC4E\/SxmtSVOFR9DLm\/tOTvmsYcIXWE8IsGHUJUilN0o+YufoJ0oKDqjAgUu5A0T7etJWNFpPRseaorssHN4+WvaRj701\/\/nQGZKhIb44BY4MQoq6oPqV+Fb8\/TE1tHilUNmAtxmHh55m9XupTXV8oOnHqmXTc2+ABAADgAMAmgyCGh0dHAvMS4xACsABwba2gMEAwMAIwAAAC0AAgEBADMAKwApenoAAQAAHQAgVTPIW15AMu0kaA9GTtzilmgFZoTzCWAZljf+T98OkEcADQASABAEAwgEBAEFAwgFBQEIBgYBABIAAAAKAAoACHp6AB0AFwAYRM0ABQADAmgyAAAADgAMAAAJcnV0dWJlLnJ1uroAAQAAFQAQAAAAAAAAAAAAAAAAAAAAAA=="}
+01210{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":703,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1739618620345845,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media","hostname":"rutube.ru","domainame":"rutube.ru","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1517h2_8daaf6152771_fca9c764716e","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
+00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":704,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":5,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620354780,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1739618620354780,"pkt":"6MgproQOLMgbpH+DCABFAAAo2DQAADgGyLNt7lrvwKhYYgG7\/j4Jh6K6yQFZNFAQf\/9\/ewAAc5IAAAAA"}
+01255{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":705,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620354780,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1739618620354780,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media","hostname":"rutube.ru","domainame":"rutube.ru","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1517h2_8daaf6152771_fca9c764716e","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
+02132{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":731,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":24,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620404970,"flow_dst_last_pkt_time":1739618620417846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1991,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2588,"flow_dst_tot_l4_payload_len":27471,"midstream":0,"thread_ts_usec":1739618620417846,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":4588.7,"max":39059,"stddev":9828.0,"var":96590432.0,"ent":2.8,"data": [5308,5340,222,9189,0,0,0,0,9037,1787,198,11102,0,0,9044,39024,0,0,0,0,0,0,0,0,0,39059,12940,0,0,0,0]},"pktlen": {"min":40,"avg":980.3,"max":2031,"stddev":674.0,"var":454340.0,"ent":4.5,"data": [52,48,40,557,46,1500,1500,1216,941,40,120,2031,46,327,327,40,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,40,1500,1500,1500,1500,1500]},"bins": {"c_to_s": [5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1],"s_to_c": [3,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,17,0,0]},"directions": [0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,0,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1],"entropies": [4.500089169,4.951495171,4.671928406,6.625383854,4.670969009,7.831572533,7.875962734,7.855746269,7.747753143,4.671928406,6.160531998,7.902746677,4.714447498,7.261562824,7.307878971,4.671928406,7.903173923,7.858101368,7.873634338,7.895243168,7.859722137,7.886281967,7.878189087,7.856512547,7.879987717,7.880470276,4.671928406,7.873325348,7.872891426,7.877501011,7.861202240,7.865600586]},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media"}}
+00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":793,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":10,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110397706,"flow_dst_last_pkt_time":1722540110391236,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":3460,"flow_src_tot_l4_payload_len":5083,"flow_dst_tot_l4_payload_len":6344,"midstream":0,"thread_ts_usec":1739618623913267,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}}
+01004{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"finished","flow_src_packets_processed":24,"flow_dst_packets_processed":75,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618653956061,"flow_dst_last_pkt_time":1739618653959838,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2230,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":14776,"flow_dst_tot_l4_payload_len":83996,"midstream":0,"thread_ts_usec":1739618653959838,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media","hostname":"rutube.ru"}}
+00852{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":798,"packets-processed":798,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":428098,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":61,"total-detection-updates":63,"total-updates":1,"current-active-flows":0,"total-active-flows":65,"total-idle-flows":65,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":569,"global_ts_usec":1739618653959838}
 ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
-~~ packets captured/processed: 699/699
+~~ packets captured/processed: 798/798
 ~~ skipped flows.............: 0
-~~ total layer4 data length..: 329326 bytes
-~~ total detected protocols..: 60
-~~ total active/idle flows...: 64/64
+~~ total layer4 data length..: 428098 bytes
+~~ total detected protocols..: 61
+~~ total active/idle flows...: 65/65
 ~~ total timeout flows.......: 4
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 8460995 bytes
-~~ total memory freed........: 8460995 bytes
-~~ total allocations/frees...: 128014/128014
+~~ total memory allocated....: 9662001 bytes
+~~ total memory freed........: 9662001 bytes
+~~ total allocations/frees...: 147011/147011
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ~~ json message min len.......: 532 chars
 ~~ json message max len.......: 4476 chars
-~~ json message avg len.......: 2503 chars
+~~ json message avg len.......: 2504 chars