Diffstat (limited to 'test/results/flow-info/default/pps.pcap.out')
-rw-r--r--test/results/flow-info/default/pps.pcap.out112
1 files changed, 95 insertions, 17 deletions
diff --git a/test/results/flow-info/default/pps.pcap.out b/test/results/flow-info/default/pps.pcap.out
index 7f84e0a71..28b273f24 100644
--- a/test/results/flow-info/default/pps.pcap.out
+++ b/test/results/flow-info/default/pps.pcap.out
@@ -100,54 +100,83 @@
new: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [MIDSTREAM]
detected: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [MIDSTREAM]
detected: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com]
RISK: Unidirectional Traffic
+ detection-update: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com]
new: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [MIDSTREAM]
detected: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.Google][Unknown][Web][Acceptable][clients1.google.com]
RISK: Unidirectional Traffic
+ detection-update: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.OCSP][Unknown][Web][Safe][clients1.google.com]
new: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
new: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
+ RISK: HTTP Obsolete Server
+ detection-update: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [MIDSTREAM]
detected: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
RISK: Unidirectional Traffic
new: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [MIDSTREAM]
detected: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Unknown][Streaming][Fun][cache.video.iqiyi.com]
RISK: HTTP Susp User-Agent, Unidirectional Traffic
+ detection-update: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Unknown][Streaming][Fun][cache.video.iqiyi.com]
+ RISK: HTTP Susp User-Agent
+ detection-update: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [MIDSTREAM]
detected: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Unknown][Web][Acceptable][]
RISK: HTTP Susp User-Agent, Unidirectional Traffic
new: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [MIDSTREAM]
detected: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Alibaba][Web][Acceptable][cmc.tanx.com]
RISK: Unidirectional Traffic
+ detection-update: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Alibaba][Web][Acceptable][cmc.tanx.com]
new: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [MIDSTREAM]
detected: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][AVAST][Cybersecurity][Safe][bcu.ff.avast.com]
RISK: HTTP Susp User-Agent, Unidirectional Traffic
@@ -161,27 +190,40 @@
new: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Unknown][Web][Acceptable][meta.video.qiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Unknown][Web][Acceptable][meta.video.qiyi.com]
new: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [MIDSTREAM]
detected: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com]
+ RISK: HTTP Obsolete Server
new: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [MIDSTREAM]
detected: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com]
+ RISK: HTTP Obsolete Server
new: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [MIDSTREAM]
detected: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Unknown][Web][Acceptable][223.26.106.66]
RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic
+ detection-update: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Unknown][Web][Acceptable][223.26.106.66]
+ RISK: HTTP/TLS/QUIC Numeric Hostname/SNI
new: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [MIDSTREAM]
detected: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com]
RISK: Unidirectional Traffic
new: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com]
+ RISK: HTTP Obsolete Server
new: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [MIDSTREAM]
detected: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Unknown][Web][Acceptable][223.26.106.66]
RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic
+ detection-update: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [MIDSTREAM]
detected: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com]
RISK: Unidirectional Traffic
+ detection-update: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com]
+ RISK: Error Code
detection-update: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Unknown][Download][Acceptable][223.26.106.66]
RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI
new: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900]
@@ -189,12 +231,17 @@
new: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [MIDSTREAM]
detected: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [MIDSTREAM]
detected: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com]
RISK: Unidirectional Traffic
+ detection-update: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com]
new: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900]
detected: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900]
@@ -202,28 +249,41 @@
new: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [MIDSTREAM]
detected: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable][msg.video.qiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable][msg.video.qiyi.com]
+ RISK: HTTP Obsolete Server
new: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [MIDSTREAM]
detected: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [MIDSTREAM]
detected: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Unknown][Web][Acceptable][s1.symcb.com]
RISK: Unidirectional Traffic
+ detection-update: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Unknown][Web][Acceptable][s1.symcb.com]
new: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900]
detected: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900]
detected: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [MIDSTREAM]
detected: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com]
RISK: Unidirectional Traffic
+ detection-update: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com]
+ RISK: Error Code
new: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900]
detected: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
update: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133]
@@ -243,7 +303,6 @@
update: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250]
update: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590]
update: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
update: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227]
update: [....20] [ip4][..udp] [..192.168.115.8][22793] -> [.121.248.133.93][12757]
update: [....19] [ip4][..udp] [..192.168.115.8][22793] -> [..202.112.31.89][29072]
@@ -251,14 +310,10 @@
update: [....14] [ip4][..udp] [..192.168.115.8][22793] -> [..61.223.204.67][11102]
update: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793]
update: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
update: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
update: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185]
update: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
update: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
update: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738]
update: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738]
update: [....17] [ip4][..udp] [..192.168.115.8][22793] -> [.111.117.101.81][10162]
@@ -296,6 +351,7 @@
new: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [MIDSTREAM]
detected: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Unknown][Web][Acceptable][iplocation.geo.qiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Unknown][Web][Acceptable][iplocation.geo.qiyi.com]
new: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [HTTP][Unknown][Web][Acceptable][static.qiyi.com]
RISK: Unidirectional Traffic
@@ -312,20 +368,29 @@
new: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [MIDSTREAM]
detected: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Unknown][Web][Acceptable][static.qiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable][msg.video.qiyi.com]
+ RISK: HTTP Obsolete Server
detection-update: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Unknown][Download][Acceptable][static.qiyi.com]
RISK: Binary App Transfer
new: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [MIDSTREAM]
detected: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
new: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [MIDSTREAM]
detected: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
+ detection-update: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com]
new: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [MIDSTREAM]
detected: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
RISK: Unidirectional Traffic
+ detection-update: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
new: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [MIDSTREAM]
detected: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com]
RISK: Unidirectional Traffic
@@ -335,21 +400,32 @@
new: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [MIDSTREAM]
detected: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am]
+ RISK: HTTP Obsolete Server
+ detection-update: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [MIDSTREAM]
detected: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com]
RISK: Unidirectional Traffic
+ detection-update: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com]
new: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900]
detected: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [MIDSTREAM]
detected: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
RISK: Unidirectional Traffic
+ detection-update: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com]
+ RISK: HTTP Obsolete Server
new: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com]
RISK: Unidirectional Traffic
+ detection-update: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com]
update: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
+ detection-update: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com]
new: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com]
RISK: Unidirectional Traffic
@@ -423,8 +499,10 @@
RISK: Binary App Transfer
idle: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun]
idle: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun]
- idle: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80]
- idle: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295]
+ idle: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun]
+ RISK: Unidirectional Traffic
+ idle: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent, Unidirectional Traffic, HTTP Obsolete Server
not-detected: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716] [Unknown][Unknown][Unrated]
idle: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716]
idle: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
@@ -466,7 +544,8 @@
RISK: HTTP Obsolete Server
idle: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable]
RISK: HTTP Obsolete Server
- idle: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80]
+ idle: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable]
+ RISK: Unidirectional Traffic
idle: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable]
RISK: HTTP Obsolete Server
idle: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable]
@@ -477,9 +556,12 @@
RISK: HTTP Obsolete Server
idle: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable]
RISK: HTTP Obsolete Server
- idle: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80]
- idle: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506]
- idle: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174]
+ idle: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable]
+ RISK: Unidirectional Traffic
+ idle: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent, Unidirectional Traffic, HTTP Obsolete Server
+ idle: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.Cybersec][AVAST][Cybersecurity][Safe]
+ RISK: HTTP Susp User-Agent
not-detected: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074] [Unknown][Unknown][Unrated]
RISK: Unidirectional Traffic
idle: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074]
@@ -490,7 +572,6 @@
idle: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590]
idle: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable]
idle: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
end: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable]
idle: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Alibaba][Web][Acceptable]
not-detected: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227] [Unknown][Unknown][Unrated]
@@ -527,16 +608,12 @@
idle: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793]
idle: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
idle: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
idle: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
not-detected: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185] [Unknown][Unknown][Unrated]
RISK: Unidirectional Traffic
idle: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185]
idle: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
idle: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788] [PPStream][Unknown][Streaming][Fun]
- RISK: Unidirectional Traffic
idle: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
not-detected: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738] [Unknown][Unknown][Unrated]
RISK: Unidirectional Traffic
@@ -546,7 +623,8 @@
idle: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738]
idle: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable]
RISK: HTTP Obsolete Server
- idle: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443]
+ idle: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent, Unidirectional Traffic
idle: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun]
RISK: HTTP Obsolete Server
idle: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun]