aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/pps.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/pps.pcap.out')
-rw-r--r--test/results/flow-info/pps.pcap.out150
1 files changed, 75 insertions, 75 deletions
diff --git a/test/results/flow-info/pps.pcap.out b/test/results/flow-info/pps.pcap.out
index acb20cf1e..0bf74e912 100644
--- a/test/results/flow-info/pps.pcap.out
+++ b/test/results/flow-info/pps.pcap.out
@@ -93,98 +93,98 @@
[ENTROPIES...: 5.3,5.3,7.8,5.3,5.3,5.3,5.3,7.8,5.2,5.2,7.8,5.0,5.0,5.1,5.1,7.8,5.2,5.2,7.7,5.1,5.1,5.1,5.1,7.8,5.1,5.1,5.1,5.1,7.8,5.1,5.1,4.9]
not-detected: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956] [Unknown][Unrated]
new: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [MIDSTREAM]
- detected: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun][api.cupid.iqiyi.com]
new: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [MIDSTREAM]
- detected: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable]
+ detected: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable][click.hm.baidu.com]
new: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [MIDSTREAM]
- detected: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.Google][Web][Acceptable]
+ detected: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.Google][Web][Acceptable][clients1.google.com]
new: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [MIDSTREAM]
- detected: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [MIDSTREAM]
- detected: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Streaming][Fun][cache.video.iqiyi.com]
new: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [MIDSTREAM]
- detected: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Web][Acceptable]
+ detected: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Web][Acceptable][]
new: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [MIDSTREAM]
- detected: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Web][Acceptable]
+ detected: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Web][Acceptable][cmc.tanx.com]
new: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [MIDSTREAM]
- detected: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][Cybersecurity][Safe]
+ detected: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][Cybersecurity][Safe][bcu.ff.avast.com]
RISK: HTTP Suspicious User-Agent
new: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900]
- detected: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [MIDSTREAM]
- detected: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable]
+ detected: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable][meta.video.qiyi.com]
new: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [MIDSTREAM]
- detected: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable]
+ detected: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable][pdata.video.qiyi.com]
new: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [MIDSTREAM]
- detected: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable]
+ detected: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable][pdata.video.qiyi.com]
new: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [MIDSTREAM]
- detected: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable]
+ detected: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable][223.26.106.66]
RISK: HTTP Numeric IP Address
- detection-update: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable]
+ detection-update: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable][223.26.106.66]
RISK: HTTP Numeric IP Address
new: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [MIDSTREAM]
- detected: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Web][Acceptable]
+ detected: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Web][Acceptable][pdata.video.qiyi.com]
new: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [MIDSTREAM]
- detected: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable]
+ detected: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable][223.26.106.66]
RISK: HTTP Numeric IP Address
new: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [MIDSTREAM]
- detected: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+ detected: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable][api.magicansoft.com]
new: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900]
- detected: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [MIDSTREAM]
- detected: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun][api.cupid.iqiyi.com]
new: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [MIDSTREAM]
- detected: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable]
+ detected: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable][click.hm.baidu.com]
new: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900]
- detected: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900]
- detected: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [MIDSTREAM]
- detected: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable]
+ detected: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable][msg.video.qiyi.com]
new: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [MIDSTREAM]
- detected: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [MIDSTREAM]
- detected: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Web][Acceptable]
+ detected: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Web][Acceptable][s1.symcb.com]
new: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900]
- detected: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900]
- detected: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [MIDSTREAM]
- detected: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+ detected: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable][api.magicansoft.com]
new: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900]
- detected: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
update: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133]
update: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006]
update: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107]
@@ -220,9 +220,9 @@
update: [.....5] [ip4][..udp] [..192.168.115.8][22793] -> [...202.198.7.89][16039]
update: [....15] [ip4][..udp] [..192.168.115.8][22793] -> [..36.237.154.69][.4316]
new: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [MIDSTREAM]
- detected: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
+ detected: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
analyse: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.036| 0.003| 0.009| 84.840| 1.800]
@@ -234,45 +234,45 @@
[PKTLENS.....: 184,552,188,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300]
[ENTROPIES...: 5.6,5.7,5.6,4.4,0.3,0.3,3.7,6.1,5.9,6.1,6.0,6.2,6.1,6.0,6.1,5.9,6.3,6.2,6.3,6.4,5.8,6.2,6.0,6.1,6.1,6.4,6.3,6.0,6.1,6.0,6.4,6.3]
new: [....83] [ip4][..udp] [...192.168.5.38][.1900] -> [239.255.255.250][.1900]
- detected: [....83] [ip4][..udp] [...192.168.5.38][.1900] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....83] [ip4][..udp] [...192.168.5.38][.1900] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900]
- detected: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....85] [ip4][..tcp] [..192.168.115.8][50507] -> [..223.26.106.19][...80] [MIDSTREAM]
- detected: [....85] [ip4][..tcp] [..192.168.115.8][50507] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
+ detected: [....85] [ip4][..tcp] [..192.168.115.8][50507] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [MIDSTREAM]
- detected: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [HTTP][Web][Acceptable]
+ detected: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [HTTP][Web][Acceptable][]
new: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [MIDSTREAM]
- detected: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [HTTP][Web][Acceptable]
+ detected: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [HTTP][Web][Acceptable][]
new: [....88] [ip4][..tcp] [..192.168.115.8][50508] -> [..223.26.106.19][...80] [MIDSTREAM]
- detected: [....88] [ip4][..tcp] [..192.168.115.8][50508] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
+ detected: [....88] [ip4][..tcp] [..192.168.115.8][50508] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [MIDSTREAM]
- detected: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Web][Acceptable]
+ detected: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Web][Acceptable][iplocation.geo.qiyi.com]
new: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [MIDSTREAM]
- detected: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable]
+ detected: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....91] [ip4][..tcp] [..192.168.115.8][50767] -> [..223.26.106.20][...80] [MIDSTREAM]
- detected: [....91] [ip4][..tcp] [..192.168.115.8][50767] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable]
+ detected: [....91] [ip4][..tcp] [..192.168.115.8][50767] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [MIDSTREAM]
- detected: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable]
+ detected: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable][msg.video.qiyi.com]
new: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [MIDSTREAM]
- detected: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
+ detected: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [MIDSTREAM]
- detected: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun][api.cupid.iqiyi.com]
new: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [MIDSTREAM]
- detected: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
+ detected: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [MIDSTREAM]
- detected: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun][nl.rcd.iqiyi.com]
new: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [MIDSTREAM]
- detected: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Streaming][Acceptable]
+ detected: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [MIDSTREAM]
- detected: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun][nl.rcd.iqiyi.com]
new: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [MIDSTREAM]
- detected: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
+ detected: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [MIDSTREAM]
- detected: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [MIDSTREAM]
- detected: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [MIDSTREAM]
- detected: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun][preimage1.qiyipic.com]
analyse: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.061| 0.005| 0.014| 183.828| 1.800]
@@ -284,11 +284,11 @@
[PKTLENS.....: 289,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300]
[ENTROPIES...: 5.7,7.1,7.8,7.8,7.8,7.8,7.8,7.9,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.7,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8]
new: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900]
- detected: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
+ detected: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [MIDSTREAM]
- detected: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [MIDSTREAM]
- detected: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun][preimage1.qiyipic.com]
analyse: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.063| 0.006| 0.016| 268.635| 1.700]
@@ -301,11 +301,11 @@
[ENTROPIES...: 5.7,7.1,7.8,7.8,7.8,7.8,7.8,7.7,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8]
update: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
new: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [MIDSTREAM]
- detected: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
+ detected: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun][preimage1.qiyipic.com]
new: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [MIDSTREAM]
- detected: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.AVAST][Download][Safe]
+ detected: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.AVAST][Download][Safe][]
RISK: Binary App Transfer
- detection-update: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.AVAST][Download][Safe]
+ detection-update: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.AVAST][Download][Safe][]
RISK: Binary App Transfer
not-detected: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133] [Unknown][Unrated]
idle: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133]
@@ -315,7 +315,7 @@
idle: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006]
not-detected: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107] [Unknown][Unrated]
idle: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107]
- guessed: [....10] [ip4][..tcp] [...192.168.5.15][65125] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
+ guessed: [....10] [ip4][..tcp] [...192.168.5.15][65125] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable][]
end: [....10] [ip4][..tcp] [...192.168.5.15][65125] -> [.68.233.253.133][...80]
idle: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
idle: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
@@ -362,7 +362,7 @@
idle: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
idle: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956] [Unknown][Unrated]
idle: [.....2] [ip4][..udp] [..118.171.15.56][.5544] -> [..192.168.115.8][22793] [Unknown][Unrated]
- guessed: [.....9] [ip4][..tcp] [..192.168.115.8][50462] -> [.202.108.14.236][...80] [HTTP][Web][Acceptable]
+ guessed: [.....9] [ip4][..tcp] [..192.168.115.8][50462] -> [.202.108.14.236][...80] [HTTP][Web][Acceptable][]
idle: [.....9] [ip4][..tcp] [..192.168.115.8][50462] -> [.202.108.14.236][...80]
idle: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
Powered by cgit, Themed by Ted Yin.