summaryrefslogtreecommitdiff
path: root/test/results/chrome.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/chrome.pcap.out')
-rw-r--r--test/results/chrome.pcap.out60
1 files changed, 30 insertions, 30 deletions
diff --git a/test/results/chrome.pcap.out b/test/results/chrome.pcap.out
index 0cc70bdb4..7026af8c9 100644
--- a/test/results/chrome.pcap.out
+++ b/test/results/chrome.pcap.out
@@ -1,52 +1,52 @@
00486{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"chrome.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":3265032704,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00549{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"chrome.pcap","alias":"nDPId-test","packets-captured":1,"packets-processed":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":2,"global_ts_usec":1620902507870345}
00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1620902507870345,"flow_src_last_pkt_time":1620902507870345,"flow_dst_last_pkt_time":1620902507870345,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902507870345,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64393,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1620902507870345,"flow_dst_last_pkt_time":1620902507870345,"flow_idle_time":3285032704,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902507870345,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuJAbsdWbUDAAAAALAC\/\/8TEgAAAgQFtAEDAwUBAQgKM3SSOAAAAAAEAgAA"}
-00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1620902507870345,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902507899110,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+4lEvFS6HVm1BKAS\/og8HwAAAgQFrAQCCAo6mxVSM3SSOAEDAwc="}
-00501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1620902507899217,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902507899217,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuJAbsdWbUERLxUu4AQECxZJAAAAQEICjN0klQ6mxVS"}
-01200{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1620902507899556,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1620902507899556,"pkt":"EBMx8Tl2KDc3AG3ICABFAAI5AABAAEAGqiLAqAGykjA6EvuJAbsdWbUERLxUu4AYECwCqAAAAQEICjN0klQ6mxVSFgMBAgABAAH8AwPXeqDyUs\/4\/4GpyC7cQmIfjIDYOwMiNhyWri8r2nhJziBwlN\/eL66WXpAzektMXIQLhsqrrKWrh6bikEQBRa52KQAgmpoTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAGTSkoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIamoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArAClqagABAAAdACA68Y2Vy4YgXwTAo+K4xouQJsapDvYw\/iCmjTHqJSW2SAAtAAIBAQArAAsKamoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJqagABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
+00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1620902507870345,"flow_dst_last_pkt_time":1620902507870345,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902507870345,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuJAbsdWbUDAAAAALAC\/\/8TEgAAAgQFtAEDAwUBAQgKM3SSOAAAAAAEAgAA"}
+00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1620902507870345,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902507899110,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+4lEvFS6HVm1BKAS\/og8HwAAAgQFrAQCCAo6mxVSM3SSOAEDAwc="}
+00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1620902507899217,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902507899217,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuJAbsdWbUERLxUu4AQECxZJAAAAQEICjN0klQ6mxVS"}
+01217{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1620902507899556,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1620902507899556,"pkt":"EBMx8Tl2KDc3AG3ICABFAAI5AABAAEAGqiLAqAGykjA6EvuJAbsdWbUERLxUu4AYECwCqAAAAQEICjN0klQ6mxVSFgMBAgABAAH8AwPXeqDyUs\/4\/4GpyC7cQmIfjIDYOwMiNhyWri8r2nhJziBwlN\/eL66WXpAzektMXIQLhsqrrKWrh6bikEQBRa52KQAgmpoTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAGTSkoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIamoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArAClqagABAAAdACA68Y2Vy4YgXwTAo+K4xouQJsapDvYw\/iCmjTHqJSW2SAAtAAIBAQArAAsKamoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJqagABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01151{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1620902507870345,"flow_src_last_pkt_time":1620902507899556,"flow_dst_last_pkt_time":1620902507899110,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902507899556,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64393,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.2","ja3":"aa50c12a5dfa717d9d6ab34e97de79d5","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
-00502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1620902507899556,"flow_dst_last_pkt_time":1620902507928884,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902507928884,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0aC5AADQGT\/mSMDoSwKgBsgG7+4lEvFS7HVm3CYAQAfplMwAAAQEICjqbFXAzdJJU"}
+00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1620902507899556,"flow_dst_last_pkt_time":1620902507928884,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902507928884,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0aC5AADQGT\/mSMDoSwKgBsgG7+4lEvFS7HVm3CYAQAfplMwAAAQEICjqbFXAzdJJU"}
01196{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1620902507870345,"flow_src_last_pkt_time":1620902507899556,"flow_dst_last_pkt_time":1620902507935852,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1620902507935852,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64393,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.3","ja3":"aa50c12a5dfa717d9d6ab34e97de79d5","ja3s":"15af977ce25de452b96affa2addb1036","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":29,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1620902508740717,"flow_src_last_pkt_time":1620902508740717,"flow_dst_last_pkt_time":1620902508740717,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902508740717,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64394,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1620902508740717,"flow_dst_last_pkt_time":1620902508740717,"flow_idle_time":3285032704,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902508740717,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuKAbtgbcSnAAAAALAC\/\/+8\/wAAAgQFtAEDAwUBAQgKM3SVkQAAAAAEAgAA"}
-00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1620902508740717,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902508769205,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+4peZebaYG3EqKAS\/og23AAAAgQFrAQCCAo6mxi5M3SVkQEDAwc="}
-00502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1620902508769277,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902508769277,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuKAbtgbcSoXmXm24AQECxT5gAAAQEICjN0lag6mxi5"}
-01364{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1620902508769889,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"pkt_caplen":701,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":701,"pkt_l4_len":667,"thread_ts_usec":1620902508769889,"pkt":"EBMx8Tl2KDc3AG3ICABFAAKvAABAAEAGqazAqAGykjA6EvuKAbtgbcSoXmXm24AYECx0PgAAAQEICjN0lak6mxi5FgMBAnYBAAJyAwMCqtk1wgF3mmHFXReI\/INqovtCWlLQ6UL0XjDl9ThBTyBFEoSZoVggbsz2GSx\/2xqlntevPGmCQswE\/y7Vr8pzswAg+voTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAIJWloAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIWloAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArAClaWgABAAAdACATE3e3OFsrXs0GvT5ceuP9pkQHg+4NxHatNUTRuXn\/LQAtAAIBAQArAAsKiooDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJKSgABAAApATsBBgEAMypzcqAzWsBAZINcgx+ygBngBlIoyGbwAmgLDQpl5tkcwSk5CG+PkofYG3BR++\/05URLCmQGIN0IQZ3wYvZDIPQMaT5XV4vgN\/p08X7Xwm8dAHtBI2fhXt28FHYxsb9XJq+8hOm5sXSXLGO6GylxYnyhIfh\/OF0m2pK20c0EttaG+X3xopJYhysPLovAxdq5OL5GeDqW0fQEgKWN242uqonFBbxnO+qq2JLFeGMuG8av6DBM+Qo\/PTS7rThi4\/wN+hgwtddmcHTtBzYRgMCZEydI\/48AJXj+BvvB0P4qgtNLv2ttlF\/gO+w5v9rup2LAG+TJEsoGQLplU0t0UBXZMYKeRmkAMTBt6WqitMghRGDh1vMPhh2n4xwuiB1UQQlCdhgcI7OwWsmMdWaBHOR6DAlIEwx9R8o="}
+00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1620902508740717,"flow_dst_last_pkt_time":1620902508740717,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902508740717,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuKAbtgbcSnAAAAALAC\/\/+8\/wAAAgQFtAEDAwUBAQgKM3SVkQAAAAAEAgAA"}
+00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1620902508740717,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902508769205,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+4peZebaYG3EqKAS\/og23AAAAgQFrAQCCAo6mxi5M3SVkQEDAwc="}
+00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1620902508769277,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902508769277,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuKAbtgbcSoXmXm24AQECxT5gAAAQEICjN0lag6mxi5"}
+01381{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1620902508769889,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":701,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":701,"pkt_l4_len":667,"thread_ts_usec":1620902508769889,"pkt":"EBMx8Tl2KDc3AG3ICABFAAKvAABAAEAGqazAqAGykjA6EvuKAbtgbcSoXmXm24AYECx0PgAAAQEICjN0lak6mxi5FgMBAnYBAAJyAwMCqtk1wgF3mmHFXReI\/INqovtCWlLQ6UL0XjDl9ThBTyBFEoSZoVggbsz2GSx\/2xqlntevPGmCQswE\/y7Vr8pzswAg+voTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAIJWloAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIWloAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArAClaWgABAAAdACATE3e3OFsrXs0GvT5ceuP9pkQHg+4NxHatNUTRuXn\/LQAtAAIBAQArAAsKiooDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJKSgABAAApATsBBgEAMypzcqAzWsBAZINcgx+ygBngBlIoyGbwAmgLDQpl5tkcwSk5CG+PkofYG3BR++\/05URLCmQGIN0IQZ3wYvZDIPQMaT5XV4vgN\/p08X7Xwm8dAHtBI2fhXt28FHYxsb9XJq+8hOm5sXSXLGO6GylxYnyhIfh\/OF0m2pK20c0EttaG+X3xopJYhysPLovAxdq5OL5GeDqW0fQEgKWN242uqonFBbxnO+qq2JLFeGMuG8av6DBM+Qo\/PTS7rThi4\/wN+hgwtddmcHTtBzYRgMCZEydI\/48AJXj+BvvB0P4qgtNLv2ttlF\/gO+w5v9rup2LAG+TJEsoGQLplU0t0UBXZMYKeRmkAMTBt6WqitMghRGDh1vMPhh2n4xwuiB1UQQlCdhgcI7OwWsmMdWaBHOR6DAlIEwx9R8o="}
01152{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":34,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1620902508740717,"flow_src_last_pkt_time":1620902508769889,"flow_dst_last_pkt_time":1620902508769205,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":635,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":635,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902508769889,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64394,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.2","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
02137{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":36,"source":"chrome.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":1620902507870345,"flow_src_last_pkt_time":1620902508741011,"flow_dst_last_pkt_time":1620902508774460,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":750,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":1998,"flow_dst_tot_l4_payload_len":15691,"midstream":0,"thread_ts_usec":1620902508774460,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64393,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":3,"avg":57251.0,"max":629043,"stddev":154280.9,"var":23802585088.0,"ent":2.4,"data": [28765,28872,339,29774,6968,212,36564,499,471,13592,322,42282,28,185,11,28620,3,627868,1163,629043,92,171,257,86,255,319,1121,131143,160052,5604,100]},"pktlen": {"min":52,"avg":605.4,"max":1492,"stddev":632.9,"var":400560.7,"ent":4.2,"data": [64,60,52,569,52,1492,1492,52,758,52,132,802,52,52,355,355,52,52,1492,1492,52,1492,1492,52,1492,1471,52,52,703,52,1492,1492]},"bins": {"c_to_s": [10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [5,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,9,0,0]},"directions": [0,1,0,0,1,1,1,0,1,0,0,0,1,1,1,1,0,0,1,1,0,1,1,0,1,1,0,0,0,1,1,1],"entropies": [4.353732109,5.187538624,4.899450302,4.408748150,5.023146629,7.839999199,7.885083199,4.976373196,7.695921421,5.053296566,6.239557743,7.672363281,5.100070000,5.100070477,7.407363892,7.424428940,5.014835358,5.053296566,7.878479958,7.865577221,5.014835358,7.868523121,7.861433029,4.976373672,7.872521877,7.876061916,5.014835358,4.969671726,7.674196243,5.138531685,7.867238522,7.866298676]},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
-00502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":48,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1620902508769889,"flow_dst_last_pkt_time":1620902508797588,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902508797588,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0ynRAADQG7bKSMDoSwKgBsgG7+4peZebbYG3HI4AQAflffwAAAQEICjqbGNczdJWp"}
+00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":48,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1620902508769889,"flow_dst_last_pkt_time":1620902508797588,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902508797588,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0ynRAADQG7bKSMDoSwKgBsgG7+4peZebbYG3HI4AQAflffwAAAQEICjqbGNczdJWp"}
01195{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":49,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1620902508740717,"flow_src_last_pkt_time":1620902508769889,"flow_dst_last_pkt_time":1620902508800346,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":635,"flow_dst_max_l4_payload_len":260,"flow_src_tot_l4_payload_len":635,"flow_dst_tot_l4_payload_len":260,"midstream":0,"thread_ts_usec":1620902508800346,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64394,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.3","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"2253c82f03b621c5144709b393fde2c9","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":74,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1620902509272814,"flow_src_last_pkt_time":1620902509272814,"flow_dst_last_pkt_time":1620902509272814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509272814,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64408,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":74,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509272814,"flow_dst_last_pkt_time":1620902509272814,"flow_idle_time":3285032704,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509272814,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuYAbvjd2YSAAAAALAC\/\/+WlQAAAgQFtAEDAwUBAQgKM3SXeAAAAAAEAgAA"}
+00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":74,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509272814,"flow_dst_last_pkt_time":1620902509272814,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509272814,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuYAbvjd2YSAAAAALAC\/\/+WlQAAAgQFtAEDAwUBAQgKM3SXeAAAAAAEAgAA"}
00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":75,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1620902509273191,"flow_src_last_pkt_time":1620902509273191,"flow_dst_last_pkt_time":1620902509273191,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509273191,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64409,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":75,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509273191,"flow_dst_last_pkt_time":1620902509273191,"flow_idle_time":3285032704,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509273191,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuZAbt3hYKuAAAAALAC\/\/\/l6gAAAgQFtAEDAwUBAQgKM3SXeAAAAAAEAgAA"}
+00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":75,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509273191,"flow_dst_last_pkt_time":1620902509273191,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509273191,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuZAbt3hYKuAAAAALAC\/\/\/l6gAAAgQFtAEDAwUBAQgKM3SXeAAAAAAEAgAA"}
00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":76,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1620902509274034,"flow_src_last_pkt_time":1620902509274034,"flow_dst_last_pkt_time":1620902509274034,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509274034,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64410,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":76,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509274034,"flow_dst_last_pkt_time":1620902509274034,"flow_idle_time":3285032704,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509274034,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuaAbt39JnFAAAAALAC\/\/\/OYgAAAgQFtAEDAwUBAQgKM3SXeQAAAAAEAgAA"}
+00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":76,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509274034,"flow_dst_last_pkt_time":1620902509274034,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509274034,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvuaAbt39JnFAAAAALAC\/\/\/OYgAAAgQFtAEDAwUBAQgKM3SXeQAAAAAEAgAA"}
00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":77,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1620902509276446,"flow_src_last_pkt_time":1620902509276446,"flow_dst_last_pkt_time":1620902509276446,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509276446,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64411,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":77,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509276446,"flow_dst_last_pkt_time":1620902509276446,"flow_idle_time":3285032704,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509276446,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvubAbvm4fjEAAAAALAC\/\/8AcwAAAgQFtAEDAwUBAQgKM3SXewAAAAAEAgAA"}
-00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":105,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509273191,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509302469,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5l1X2J5d4WCr6AS\/ojLGgAAAgQFrAQCCAo6mxrNM3SXeAEDAwc="}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":106,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509302525,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509302525,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuZAbt3hYKvdV9ieoAQECzoIAAAAQEICjN0l5M6mxrN"}
-00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":107,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509272814,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509302592,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5gJQMJ043dmE6AS\/oiH6wAAAgQFrAQCCAo6mxrLM3SXeAEDAwc="}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":108,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509302633,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509302633,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuYAbvjd2YTCUDCdYAQECyk8QAAAQEICjN0l5M6mxrL"}
-00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":109,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509274034,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509302720,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5p\/iAsOd\/SZxqAS\/ogA1gAAAgQFrAQCCAo6mxrMM3SXeQEDAwc="}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":110,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509302760,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509302760,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuaAbt39JnGf4gLD4AQECwd3QAAAQEICjN0l5M6mxrM"}
-00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":112,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509276446,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509303215,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5sh1fPg5uH4xaAS\/oinwwAAAgQFrAQCCAo6mxrPM3SXewEDAwc="}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":113,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509303263,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509303263,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvubAbvm4fjFIdXz4YAQECzEywAAAQEICjN0l5Q6mxrP"}
-01363{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":114,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509303389,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"pkt_caplen":701,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":701,"pkt_l4_len":667,"thread_ts_usec":1620902509303389,"pkt":"EBMx8Tl2KDc3AG3ICABFAAKvAABAAEAGqazAqAGykjA6EvuZAbt3hYKvdV9ieoAYECw9qQAAAQEICjN0l5Q6mxrNFgMBAnYBAAJyAwMbONTKSobWCChLaoCmtvCx9\/pcgkTaqzrbkutJyPLiiiAasQqGVnwXQsOOo5jRZ6QYT1CK7uD5XdKRBJ7yUd1W1QAgCgoTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAIJamoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIysoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACnKygABAAAdACCMB4Sr5kZOgAN0tULVonTgn5Nij3DsLDlo2DGvxFS3UQAtAAIBAQArAAsKCgoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJaWgABAAApATsBBgEAMypzcqAzWsBAZINcgx+ygCWLE0kui4sgtM1uL6vzp2XjKj7qFF1cVEZiZ8DNfAhnNOKGWmDqAezjvAmwhBr0lj+CkITL1PZY+KIE92UEd83VIlba64swaeetUJem3b6DiVZr+sG6v5nO24w5Fq5jNooCYgea\/kSCyAgKJw9zXAJkF+ALbg2UnYNwTrdv8UPPYWK\/\/FZxs47otAScGMYES95F\/UddJx40v3LL\/2MTqfWFWQPciC8dXh3pVmMH0FgERSOK5xDJguySwBxpXYyQEhLfajyKuuk1x0FpqqqHVJ9noGsOyOGkaLXVVsVSRGH\/pEJvYOGNaqccYbo8GZWI7U8\/S3MAMTC1t7pqBopyN+bNR3r+6YjgqI8u99b\/DXkSmTFHlni2n471uDYr96gynKaHq24YiaE="}
+00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":77,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1620902509276446,"flow_dst_last_pkt_time":1620902509276446,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1620902509276446,"pkt":"EBMx8Tl2KDc3AG3ICABFAABAAABAAEAGrBvAqAGykjA6EvubAbvm4fjEAAAAALAC\/\/8AcwAAAgQFtAEDAwUBAQgKM3SXewAAAAAEAgAA"}
+00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":105,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509273191,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509302469,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5l1X2J5d4WCr6AS\/ojLGgAAAgQFrAQCCAo6mxrNM3SXeAEDAwc="}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":106,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509302525,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509302525,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuZAbt3hYKvdV9ieoAQECzoIAAAAQEICjN0l5M6mxrN"}
+00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":107,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509272814,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509302592,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5gJQMJ043dmE6AS\/oiH6wAAAgQFrAQCCAo6mxrLM3SXeAEDAwc="}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":108,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509302633,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509302633,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuYAbvjd2YTCUDCdYAQECyk8QAAAQEICjN0l5M6mxrL"}
+00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":109,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509274034,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509302720,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5p\/iAsOd\/SZxqAS\/ogA1gAAAgQFrAQCCAo6mxrMM3SXeQEDAwc="}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":110,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509302760,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509302760,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvuaAbt39JnGf4gLD4AQECwd3QAAAQEICjN0l5M6mxrM"}
+00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":112,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1620902509276446,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1620902509303215,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA8AABAADQGuB+SMDoSwKgBsgG7+5sh1fPg5uH4xaAS\/oinwwAAAgQFrAQCCAo6mxrPM3SXewEDAwc="}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":113,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_src_last_pkt_time":1620902509303263,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509303263,"pkt":"EBMx8Tl2KDc3AG3ICABFAAA0AABAAEAGrCfAqAGykjA6EvubAbvm4fjFIdXz4YAQECzEywAAAQEICjN0l5Q6mxrP"}
+01380{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":114,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509303389,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":701,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":701,"pkt_l4_len":667,"thread_ts_usec":1620902509303389,"pkt":"EBMx8Tl2KDc3AG3ICABFAAKvAABAAEAGqazAqAGykjA6EvuZAbt3hYKvdV9ieoAYECw9qQAAAQEICjN0l5Q6mxrNFgMBAnYBAAJyAwMbONTKSobWCChLaoCmtvCx9\/pcgkTaqzrbkutJyPLiiiAasQqGVnwXQsOOo5jRZ6QYT1CK7uD5XdKRBJ7yUd1W1QAgCgoTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAIJamoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIysoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACnKygABAAAdACCMB4Sr5kZOgAN0tULVonTgn5Nij3DsLDlo2DGvxFS3UQAtAAIBAQArAAsKCgoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJaWgABAAApATsBBgEAMypzcqAzWsBAZINcgx+ygCWLE0kui4sgtM1uL6vzp2XjKj7qFF1cVEZiZ8DNfAhnNOKGWmDqAezjvAmwhBr0lj+CkITL1PZY+KIE92UEd83VIlba64swaeetUJem3b6DiVZr+sG6v5nO24w5Fq5jNooCYgea\/kSCyAgKJw9zXAJkF+ALbg2UnYNwTrdv8UPPYWK\/\/FZxs47otAScGMYES95F\/UddJx40v3LL\/2MTqfWFWQPciC8dXh3pVmMH0FgERSOK5xDJguySwBxpXYyQEhLfajyKuuk1x0FpqqqHVJ9noGsOyOGkaLXVVsVSRGH\/pEJvYOGNaqccYbo8GZWI7U8\/S3MAMTC1t7pqBopyN+bNR3r+6YjgqI8u99b\/DXkSmTFHlni2n471uDYr96gynKaHq24YiaE="}
01153{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":114,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1620902509273191,"flow_src_last_pkt_time":1620902509303389,"flow_dst_last_pkt_time":1620902509302469,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":635,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":635,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509303389,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64409,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.2","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
-01367{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":115,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509303683,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"pkt_caplen":701,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":701,"pkt_l4_len":667,"thread_ts_usec":1620902509303683,"pkt":"EBMx8Tl2KDc3AG3ICABFAAKvAABAAEAGqazAqAGykjA6EvuYAbvjd2YTCUDCdYAYECx0YQAAAQEICjN0l5Q6mxrLFgMBAnYBAAJyAwMQHmJhlHeScT7a9egK2SjOzyaNKX\/ov\/FX5TftMs8zmCCfkPb+1ZsEYNNrxkVe5BM24z4mIR25BtkXl0BC4xubrQAgSkoTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAIJSkoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAISkoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArAClKSgABAAAdACBHHmvJqS0E6b1sf\/QNMqQwNI+sBMgqNEguKyS9wQXAKwAtAAIBAQArAAsKmpoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJaWgABAAApATsBBgEAMypzcqAzWsBAZINcgx+ygD\/1Ed8AhagbFDO4w9YNA2cr3sFrEQ9Slid5TZVf2ljtvHdasUip2wOHkRhUjqWumvMshtAJmTDjAZ+n4aciI2iElpX+sae8N6RFewPghBeuv+gvEaLKOqScM\/qhAMP+UjLorSsDoaMAZ40hGjqSRu7qFHq+SxJ2eZsZ4xm5quGG\/cLYpXLjWAIttRHSotpAwv2wFae6ujdlZejhNSfP5lI0b3xZ+2LWmU\/E5doQrJa\/voNJ70V\/d\/M6psU+c4L9ACb94Vf\/p\/Mo+CIkORvg6qwDPWUhGqnoTtz9mIPpXylHEcA96JXtyeO1rrBJSBG4U48diqoAMTCrJK8S79Vkr05s70NDyBq5vnuFSQ573cgHwcs9lkE2t8U8BogXT3+gejSZgS\/IG2s="}
+01384{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":115,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509303683,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":701,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":701,"pkt_l4_len":667,"thread_ts_usec":1620902509303683,"pkt":"EBMx8Tl2KDc3AG3ICABFAAKvAABAAEAGqazAqAGykjA6EvuYAbvjd2YTCUDCdYAYECx0YQAAAQEICjN0l5Q6mxrLFgMBAnYBAAJyAwMQHmJhlHeScT7a9egK2SjOzyaNKX\/ov\/FX5TftMs8zmCCfkPb+1ZsEYNNrxkVe5BM24z4mIR25BtkXl0BC4xubrQAgSkoTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAIJSkoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAISkoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArAClKSgABAAAdACBHHmvJqS0E6b1sf\/QNMqQwNI+sBMgqNEguKyS9wQXAKwAtAAIBAQArAAsKmpoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDJaWgABAAApATsBBgEAMypzcqAzWsBAZINcgx+ygD\/1Ed8AhagbFDO4w9YNA2cr3sFrEQ9Slid5TZVf2ljtvHdasUip2wOHkRhUjqWumvMshtAJmTDjAZ+n4aciI2iElpX+sae8N6RFewPghBeuv+gvEaLKOqScM\/qhAMP+UjLorSsDoaMAZ40hGjqSRu7qFHq+SxJ2eZsZ4xm5quGG\/cLYpXLjWAIttRHSotpAwv2wFae6ujdlZejhNSfP5lI0b3xZ+2LWmU\/E5doQrJa\/voNJ70V\/d\/M6psU+c4L9ACb94Vf\/p\/Mo+CIkORvg6qwDPWUhGqnoTtz9mIPpXylHEcA96JXtyeO1rrBJSBG4U48diqoAMTCrJK8S79Vkr05s70NDyBq5vnuFSQ573cgHwcs9lkE2t8U8BogXT3+gejSZgS\/IG2s="}
01153{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":115,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1620902509272814,"flow_src_last_pkt_time":1620902509303683,"flow_dst_last_pkt_time":1620902509302592,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":635,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":635,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509303683,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64408,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.2","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
-01199{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":116,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509304055,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1620902509304055,"pkt":"EBMx8Tl2KDc3AG3ICABFAAI5AABAAEAGqiLAqAGykjA6EvuaAbt39JnGf4gLD4AYECxAQAAAAQEICjN0l5Q6mxrMFgMBAgABAAH8AwMCpM4ap6FxMcuum4k0rFOx6HKELsU74ZewAm9NNFHrHCDl5mYK5NyKLhR+6cYFEa62hVKl7RtVXWgVBX69oQSHcgAgKioTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAGTGhoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAI2toAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACna2gABAAAdACDVdDEDWQarcksPiULXEPcvgATD\/InPdHmyFksU9j0rLgAtAAIBAQArAAsKGhoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDKqqgABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
+01216{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":116,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509304055,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1620902509304055,"pkt":"EBMx8Tl2KDc3AG3ICABFAAI5AABAAEAGqiLAqAGykjA6EvuaAbt39JnGf4gLD4AYECxAQAAAAQEICjN0l5Q6mxrMFgMBAgABAAH8AwMCpM4ap6FxMcuum4k0rFOx6HKELsU74ZewAm9NNFHrHCDl5mYK5NyKLhR+6cYFEa62hVKl7RtVXWgVBX69oQSHcgAgKioTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAGTGhoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAI2toAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACna2gABAAAdACDVdDEDWQarcksPiULXEPcvgATD\/InPdHmyFksU9j0rLgAtAAIBAQArAAsKGhoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDKqqgABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01153{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":116,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1620902509274034,"flow_src_last_pkt_time":1620902509304055,"flow_dst_last_pkt_time":1620902509302720,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509304055,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64410,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.2","ja3":"aa50c12a5dfa717d9d6ab34e97de79d5","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
-01200{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":117,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509304589,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1620902509304589,"pkt":"EBMx8Tl2KDc3AG3ICABFAAI5AABAAEAGqiLAqAGykjA6EvubAbvm4fjFIdXz4YAYECz+5wAAAQEICjN0l5U6mxrPFgMBAgABAAH8AwPu4vpXPVJNlXrjnZXiqHfet\/5isXgiQo8YmHFRC+jacCCRSxgXbR061vVKAt5s22lo06L3Jln\/c9UF2p0z2Uc8+AAguroTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAGTGhoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIysoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACnKygABAAAdACC7JB7a1tLwPRdP883wFtQgfEydREFgd5BZJX4R7xYdSAAtAAIBAQArAAsKCgoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDIKCgABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
+01217{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":117,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":4,"flow_src_last_pkt_time":1620902509304589,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1620902509304589,"pkt":"EBMx8Tl2KDc3AG3ICABFAAI5AABAAEAGqiLAqAGykjA6EvubAbvm4fjFIdXz4YAYECz+5wAAAQEICjN0l5U6mxrPFgMBAgABAAH8AwPu4vpXPVJNlXrjnZXiqHfet\/5isXgiQo8YmHFRC+jacCCRSxgXbR061vVKAt5s22lo06L3Jln\/c9UF2p0z2Uc8+AAguroTAxMBEwLMqcyowCvAL8AswDDAE8AUAJwAnQAvADUBAAGTGhoAAAAAABMAEQAADnd3dy5paXQuY25yLml0ABcAAP8BAAEAAAoACgAIysoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACnKygABAAAdACC7JB7a1tLwPRdP883wFtQgfEydREFgd5BZJX4R7xYdSAAtAAIBAQArAAsKCgoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDIKCgABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01153{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":117,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1620902509276446,"flow_src_last_pkt_time":1620902509304589,"flow_dst_last_pkt_time":1620902509303215,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1620902509304589,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64411,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.2","ja3":"aa50c12a5dfa717d9d6ab34e97de79d5","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
01972{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":120,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":17,"flow_first_seen":1620902508740717,"flow_src_last_pkt_time":1620902509329896,"flow_dst_last_pkt_time":1620902509327995,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":717,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":2136,"flow_dst_tot_l4_payload_len":15926,"midstream":0,"thread_ts_usec":1620902509329896,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64394,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":111,"avg":37950.2,"max":468764,"stddev":110334.2,"var":12173627392.0,"ent":2.3,"data": [28488,28560,612,28383,2758,30530,2041,28373,116,26422,441785,468764,1748,1393,30158,119,111,182,125,120,237,134,128,266,240,251,495,806,26027,25276,1809]},"pktlen": {"min":52,"avg":617.1,"max":1492,"stddev":638.0,"var":407026.8,"ent":4.2,"data": [64,60,52,687,52,312,52,132,52,355,52,769,52,1492,1492,52,1492,1492,52,1492,1492,52,1492,1492,52,1492,1492,52,52,1015,52,756]},"bins": {"c_to_s": [11,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [4,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]},"directions": [0,1,0,0,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,0,1,0,0],"entropies": [4.416232109,5.300120831,4.923394680,7.069493294,5.100070000,6.936732292,5.014835358,6.319468975,5.176993370,7.399957657,5.053297043,7.734244347,5.100070477,7.871783733,7.865388870,5.000318050,7.853028297,7.882699490,5.000318050,7.860120296,7.865950584,4.923395157,7.858026981,7.861842632,4.961856365,7.886532307,7.875236988,5.038779736,4.863714218,7.794827461,4.961856365,7.699286461]}}
01202{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":120,"source":"chrome.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":17,"flow_first_seen":1620902508740717,"flow_src_last_pkt_time":1620902509329896,"flow_dst_last_pkt_time":1620902509327995,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":717,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":2136,"flow_dst_tot_l4_payload_len":15926,"midstream":0,"thread_ts_usec":1620902509329896,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64394,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.3","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"2253c82f03b621c5144709b393fde2c9","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":123,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509304589,"flow_dst_last_pkt_time":1620902509331464,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509331464,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0WmJAADQGXcWSMDoSwKgBsgG7+5sh1fPh5uH6yoAQAfrQ2gAAAQEICjqbGuwzdJeV"}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":124,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509303389,"flow_dst_last_pkt_time":1620902509331480,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509331480,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0ro1AADQGCZqSMDoSwKgBsgG7+5l1X2J6d4WFKoAQAfnzuAAAAQEICjqbGuwzdJeU"}
-00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":125,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509304055,"flow_dst_last_pkt_time":1620902509332600,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509332600,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0neJAADQGGkWSMDoSwKgBsgG7+5p\/iAsPd\/Sby4AQAfop6gAAAQEICjqbGuszdJeU"}
-00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":126,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509303683,"flow_dst_last_pkt_time":1620902509332619,"flow_idle_time":3285032704,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509332619,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0NpVAADQGgZKSMDoSwKgBsgG7+5gJQMJ143dojoAQAfmwiAAAAQEICjqbGuszdJeU"}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":123,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509304589,"flow_dst_last_pkt_time":1620902509331464,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509331464,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0WmJAADQGXcWSMDoSwKgBsgG7+5sh1fPh5uH6yoAQAfrQ2gAAAQEICjqbGuwzdJeV"}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":124,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509303389,"flow_dst_last_pkt_time":1620902509331480,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509331480,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0ro1AADQGCZqSMDoSwKgBsgG7+5l1X2J6d4WFKoAQAfnzuAAAAQEICjqbGuwzdJeU"}
+00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":125,"source":"chrome.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509304055,"flow_dst_last_pkt_time":1620902509332600,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509332600,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0neJAADQGGkWSMDoSwKgBsgG7+5p\/iAsPd\/Sby4AQAfop6gAAAQEICjqbGuszdJeU"}
+00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":126,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":5,"flow_src_last_pkt_time":1620902509303683,"flow_dst_last_pkt_time":1620902509332619,"flow_idle_time":3285032704,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1620902509332619,"pkt":"KDc3AG3IEBMx8Tl2CABFAAA0NpVAADQGgZKSMDoSwKgBsgG7+5gJQMJ143dojoAQAfmwiAAAAQEICjqbGuszdJeU"}
01196{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":128,"source":"chrome.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1620902509273191,"flow_src_last_pkt_time":1620902509303389,"flow_dst_last_pkt_time":1620902509333977,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":635,"flow_dst_max_l4_payload_len":260,"flow_src_tot_l4_payload_len":635,"flow_dst_tot_l4_payload_len":260,"midstream":0,"thread_ts_usec":1620902509333977,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64409,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.3","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"2253c82f03b621c5144709b393fde2c9","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
01196{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":132,"source":"chrome.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1620902509272814,"flow_src_last_pkt_time":1620902509303683,"flow_dst_last_pkt_time":1620902509335101,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":635,"flow_dst_max_l4_payload_len":260,"flow_src_tot_l4_payload_len":635,"flow_dst_tot_l4_payload_len":260,"midstream":0,"thread_ts_usec":1620902509335101,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64408,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.3","ja3":"1b73862eae8f1711440a446b1ef357fd","ja3s":"2253c82f03b621c5144709b393fde2c9","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
01198{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":136,"source":"chrome.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1620902509276446,"flow_src_last_pkt_time":1620902509304589,"flow_dst_last_pkt_time":1620902509338226,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1620902509338226,"l3_proto":"ip4","src_ip":"192.168.1.178","dst_ip":"146.48.58.18","src_port":64411,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"www.iit.cnr.it","tls": {"version":"TLSv1.3","ja3":"aa50c12a5dfa717d9d6ab34e97de79d5","ja3s":"15af977ce25de452b96affa2addb1036","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1"}}}
Powered by cgit, Themed by Ted Yin.